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The  good  news  is  there  are 

scores  of  automated  patch  management 
products.The  bad  news  is  it’s  not  easy  to 
pick  one  that’s  right  for  your  network. 

We  look  at  how  leading-edge  users  like 
Adam  Hansen,  security  manager  at  a 
large  Chicago  law  firm,  are  solving  their 
patch  woes.  Page  41. 

Network  World  Lab  Alliance  member 
Mandy  Andress  analyzes  the  fast 
changing  patch  management  scene. 

Page  44. 

Microsoft  to  shake  up  the 
patching  landscape  with 
free  tools.  Page  46. 
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A  beta  version  of 


itch 


ADAM  HANSEN. 
SECURITY  MANAGER 


server  gets  high 
marks.  Page  46. 


Online  Buyer’s  Guide: 

Patch  management  product  information  on  24 
products  from  21  vendors.  Check  out  the  latest 
offerings  online:  www.nwfusion.com, 
DocFinder:  5531. 
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IBM  patent 
giveaway 
too  little, 
critics  say 

■  BY  ANN  BEDNARZ 

Patent  powerhouse  IBM  last 
week  unlocked  access  to  500  of 
its  software  patents  for  the  open 
source  community,  generating 
mixed  reactions  from  industry 
watchers. 

While  IBM’s  move  could  help 
users  get  hew  open  source  prod¬ 
ucts  fastef  by  removing  develop¬ 
ment  roadblocks,  open  source 
advocates  and  patent  watchers 
ultimately  would  like  to  see  com¬ 
panies  such  as  IBM  change  their 
overall  software  patenting  strate¬ 
gies.  At  the  center  of  the  issue  is 
current  U.S.  patent  practice, 
which  grants  what  critics  say  are 
overly  broad  patents  on  trivial  or 
abstract  processes.The  quagmire 
See  Patent,  page  14 


Cisco  shuffles 
the  WLAN  deck 


■  BY  PHIL  HOCHMUTH 

Cisco’s  $450  million  buyout  last 
week  of  wireless  switch  start-up 
Airespace  not  only  represents 
something  of  an  about-face  for 
Cisco  regarding  wireless  LAN 
technology  but  also  is  the  latest 
evidence  of  a  shakeout  in  the 
overcrowded  market. 

Although  more  companies  are 
installing  WLANs  —  the  market 
has  grown  65%  in  the  past  year, 
according  to  IDC  —  there  just 
isn’t  room  for  everybody  Some 
$400  million  has  been  pumped 
into  a  dozen  WLAN  switch  start¬ 
ups  in  recent  years,  and  millions 
more  went  to  dozens  of  other 
WLAN  start-ups  selling  everything 
from  processors  to  security  to 
mesh  network  products.  That 
doesn’t  take  into  account  the  mil¬ 


lions  of  dollars  more  invested  in 
WLAN  R&D  by  longtime  wireless 
players  such  as  Proxim  and 
Symbol  Technologies,  and  wired 
network  experts  such  as  3Com, 
Cisco  and  Enterasys  Networks. 

Signs  of  the  market  adjustment 
started  last 


■  We  examine 
Cisco's  2004 
acquisitions 
and  potential 
targets  for  this 
year.  Page  21. 


year.  AirFlow 
Networks 
stopped  mak¬ 
ing  switches. 

Legra  Systems 
sold  its  assets  to  two  other  com¬ 
panies.  Chantry  Networks  agreed 
to  be  bought  out  by  Siemens. 
Meanwhile,  outfits  such  as  Reef- 
Edge  and  Trapeze  Networks  have 
been  dogged  by  questions  about 
their  health. 

“There  have  been  no  new,  seri¬ 
ous  start-ups  for  the  last  two 

See  Cisco,  page  12 
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Getting  the  presidential  cell  of  approval 

This  week’s  inauguration  to  put  Nextel  technology  to  the  test. 


perch  on  the  sidewalks  along 
the  2-mile  parade  route.  Barri¬ 
cades,  temporary  fences  and 
police  have  blanketed  the  area 
between  the  White  House  and 
Capitol  Hill. 

Scattered  across  the  National 
Mall  and  nearby  streets  are 
white  vans  and  trailers  topped 
by  40-foot  poles,  antennas  and 
microwave  dishes.These  mobile 
cellular  towers  are  loaded  with 
See  inauguration,  page  16 


■  BY  CAROLYN  DUFFY  MARSAN 

Driving  around  the  nation’s 
capital,  it’s  impossible  to 
miss  the  extensive  prepa¬ 
rations  underway  for  President 
Bush’s  inauguration,  which  will 
be  held  at  noon  on  Thursday  in 
Washington,  D.C. 

A  massive  wooden  platform 
has  been  erected  on  the  front 
terrace  of  the  U.S.  Capitol  for  the 
swearing-in  ceremony  Bleachers 
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Ms.  3,000  Customer 
Web  Servers  Upgraded 
in  Three  Hours 


"We  have  3,000  servers  at  customer  sites  worldwide. 
My  team  of  four  manages,  monitors,  makes  changes, 
and  does  upgrades  without  leaving  our  desks." 


Saori  Fotenos 

IT  Manager,  Reuters 


Make  a  name  for  yourself  with  Windows  Server  System. 

Microsoft  Windows  Server  System  makes  Reuters 
infrastructure  easier  to  manage.  Here's  how:  In 
the  past,  updating  Reuters  servers  deployed  at 
customer  sites  required  dispatching  a  Reuters 
technician  to  the  customer  site.  But  now,  using 
Windows  Server  2003,  Reuters  can  manage 
everything  remotely,  allowing  them  to  invest 
their  resources  in  new  products  and  added 
services.  It's  software  that  helps  you  do  more  with 
less.  Get  the  full  Reuters  story  and  a  hands-on 
management  tool  at  microsoft.com/wssystem 


Windows  Server  System”  includes  these  products: 


Microsoft* 


Windows 
Server  System 


Server  OS 


Windows  Server" 


Operations  Infrastructure 

Systems  Management  Server 

Application  Center 

Operations  Manager 

Internet  Security  &  Acceleration  Server 

Windows®  Storage  Server 

Application  Infrastructure 

SQL  Server’" 

BizTalk’-  Server 

Commerce  Server 

Content  Management  Server 

Host  Integration  Server 

Information  Work  Infrastructure 

Exchange  Server 

Office  SharePoint'"  Portal  Server 

Office  Live  Communications  Server 

©  2004  SUN  MICROSYSTEMS,  INC.  ALL  RIGHTS  RESERVED.  SUN.  SUN  MICROSYSTEMS.  THE  SUN  LOGO.  SOLARIS  AND  THE  NETWORK  IS  THE  COMPUTER  ARE  TRADEMARKS  OR  REGISTERED  TRADEMARKS  OF  SUN  MICROSYSTEMS,  INC.  IN  THE  UNITED  STATES  AND  OTHER  COUNTR8ES.  ALL  SPARC  TRADEMARKS  ARE  USED  UNDER 
LICENSE  AND  ARE  TRADEMARKS  OR  REGISTERED  TRADEMARKS  OF  SPARC  INTERNATIONAL.  INC.  IN  THE  UNITED  STATES  AND  OTHER  COUNTRIES. 

*  SEE  SOLARIS  APPLICATION  GUARANTEE  PROGRAM  FOR  MORE  DETAILS. 
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■  8  Defense  Department  declares  war  on  child  porn. 

■  8  HP  boosts  Itanium  2  servers. 

■  10  SIPFoundry  issues  free  PBX  software. 

■  10  Microsoft  discount  targets  PeopleSoft  users. 

■  12  HP,  SBC  team  to  bind  telecom  and  IT  for  large  businesses. 

■  16  Microsoft,  Alcatel  team  to  make  calls  from  a  PC. 

■  17  Full  speed  ahead  for  Philly's  Wi-Fi  plan. 

■  57  Software  helps  users  connect  six  degrees  of  separation. 

■  57  CA  pumps  up  its  desktop  management  suite. 


Net  Infrastructure 

■  21  Cisco  set  for  big  buyout  year. 

■  21  Trapeze  upgrade  eases 
WLAN  management. 

■  22  IPS  gets  bigger  role  in  spy- 
ware  defense. 

■  23  Kevin  Tolly:  Look  ahead 
2005  —  avoid  WLAN  pileups'. 

■  24  Special  Focus:  Mobile 
VoIP  set  to  roam  even  wider. 

Enterprise 

Computing 

■  25  Veritas  customers  wary  of 
merger. 

■  25  VMware  tunes  virtualization 
for  laptop  and  desktop  PCs. 

■  26  McNealy:  Well  keep  doing 
software  and  hardware. 

■  26  Cisco,  EMC  team  on  storage. 

Application 

Services 

■  27  Aprisma  buy  fills  out  Concord. 

■  27  BMC  ups  ID  mgmt.  arsenal. 

■  28  Scott  Bradner:  Public 
nannycams. 

Service  Providers 

■  33  Tsunamis  prompt  interest  in 
'Net  emergency  communications. 

■  33  Alltel  acquisition  of  Western 
Wireless  the  latest  move  in  an  active 
wireless  industry. 

■  34  Johna  Till  Johnson: 

About  those  predictions  made  here 
last  year . . . 


Technology  Update 

■  35  ROADM  spurs  DWDM 
scalability. 

■  35  Steve  Blass:  Ask  Dr 

Internet. 

■  36  Mark  Gibbs:  Windows 
cooperating  with  Linux,  honest! 

■  36  Keith  Shaw:  Staying 
happy  and  cool  at  CES. 

Opinions 

■  38  On  Technology:  CES: 
Slush  on  ground,  in  the  market. 

■  39  Robert  Gezelter:  How 

ISPs  can  defend  their  customers. 

■  39  Thomas  Nolle:  Managed 
services:  The  way  of  the  future. 

■  58  BackSpin:  A  dozen  for 
the  new  year. 

■  58  ’Net  Buzz:  The  first  step 
is  acknowledging  that  you  have  a 
false-positive  problem. 

Management 

Strategies 

■  49  Be  careful  of  counteroffers:  A 
company's  gambit  to  get  you  to  stay 
might  sound  like  a  blessing,  but  a 
recruiter  explains  why  you  should 
think  twice  before  taking  the  deal. 


SanDisk 
merges  a 


■  CONTACT  US  NetworkWorld,  118Turnpike  Road,  Southborough,  MA 
01772;  Phone:  (508)  460-3333;  Fax:  (508)  490-6438;  E-mail:  nwnews@ 
nww.com;  STAFF:  See  the  masthead  on  page  16  for  more  contact  informa¬ 
tion.  REPRINTS:  (717)  399-1900 
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A  beta  version  of  Microsoft's  free  patch  server  gets  high  marks.  Page  46. 


Online  Buyer's  Guide:  Information  on  24  patch  management  products 
from  21  vendors.  Check  out  the  latest  offerings  online: 

www.nwfiision.com,  DocFinder.  5531 


Network  World  Lab  Alliance  member 
Mandy  Andress  analyzes  the  fast¬ 
changing  patch  management  scene. 

Page  44. 

This  promises  to  be  the  year  in  which 
Microsoft  shakes  up  the  patching  land¬ 
scape  with  free  tools.  Page  46. 


Technology  Insider:  Patch 
Management:  The  good  news  is  that  there 
are  scores  of  automated  patch  management  prod¬ 
ucts  out  there.  The  bad  news  is  that  it's  not  easy 
to  pick  the  one  that's  right  for  your  network.  In 
this  Technology  Insider,  well  describe  how  leading- 
edge  users  like  Adam  Hansen,  security 
manager  for  a  large  Chicago  law  firm, 
are  solving  their  patch  woes.  Page  41. 
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Breaking  News 


Go  online  for  breaking  news  every  day.  DocFinder:  6342 
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Available  only  on  Fusion 


Online  help  and  advice 


Network  World  Radio  Podcasts 

Get  the  inside  scoop  on  hot  technology  issues,  such  as  inexpen¬ 
sive  servers,  WiMAX  and  network  security  design.  If  you're  not 
into  Podcasting,  stream  the  sessions  to  your  desktop  or  download 
them  as  MP3s. 

DocFinder:  5334 


In-House  Counsel 

Making  sense  of  the  Family  and  Medical  Leave  Act 
In  this  new  column,  telework  attorney  Nicole  Belson  Goluboff  says 
companies  with  teleworkers  need  to  tread  carefully  when  deter¬ 
mining  who's  eligible  for  FMLA  benefits. 

DocFinder:  5340 


Network  World  Fusion  Radio:  Recapping 
CES 

Network  World's  own  Keith  Shaw,  senior  editor  of  product  testing 
and  author  of  many  columns,  newsletters  and  blogs,  joins  the 
program  to  discuss  cool  gadgets  and  technology  from  the  recent 
CES  tradeshow  and  upcoming  DEM0@15  event. 

DocFinder:  5338 

This  week  at  Network  Life:  The  Expert’s 
Guide  to  the  Connected  Home 

Every  day  Network  Life  offers  everything  you  need  to  know  to 
keep  your  — -  and  your  family's  and  friends'  —  home  network 
humming.  Get  the  latest  news,  opinions,  reviews,  how-tos  and 
more. 

DocFinder:  4838 

Network  whitepapers 

Want  a  vendor  view  on  the  up-and-coming  network  technologies? 
Head  over  to  our  Whitepaper  library,  featuring  reports  catego¬ 
rized  via  topic,  company,  date  and  more. 

DocFinder:  5339 


Nutter’s  Help  Desk 

Server  network  card  problem 

Help  Desk  Guru  Ron  Nutter  helps  a  reader  whose  HP-UX  servers 
are  dropping  users  for  no  apparent  reason. 

DocFinder:  5341 

Security  Chief 

Deb  Radcliff  talks  with  reformed  hacker  Geoff  Shivley,  who  now 
runs  vulnerability  patching  company  PivX,  and  offers  a  security 
product  Radcliff  says  is  perfect  for  home  users. 

DocFinder:  5342 

Home  Base 

CDW  launches  business  technology  makeover  contest 
Sandra  Gittlen  explains  how  you  could  win  $75,000  in  equipment 
and  consulting  from  IBM,  Linksys  and  Intel. 

DocFinder:  5343 

Small  Business  Tech 

Web  site  workover 

Columnist  James  Gaskin  talks  with  a  Web  designer,  who  offers 
tips  for  improving  your  site. 

DocFinder:  5344 


Free  e-mail  newsletters 

Sign  up  for  any  of  more  than  50 
newsletters  on  key  network  topics. 

DocFinder:  6343 


What  is  DocFinder? 

We've  made  it  easy  to  access  articles  and  resources  online.  Simply  enter  the  fuu^-digit  Ourfi-HS?- 
number  in  the  search  box  on  the  home  page,  and  you'll  jump  directly  to  the  requested  toVnuu-- 


6 


NetworkWorld 


1/17/05 


*1  f  I. 


C  :m% 
%  f- 


Hacker  landed  Secret  Service  info 

■  A  hacker  penetrated  mobile  phone  company  T-Mobile  USAs 
network  and  accessed  information  on  400  of  the  company’s  cus¬ 
tomers,  including  sensitive  information  from  the  account  of  a  U.S. 
Secret  Service  agent,  according  to  statements  by  T-Mobile  and  the 
Secret  Service. T-Mobile  confirms  that  Nicholas  Jacobsen,  a  hacker 
in  California,  compromised  its  internal  computer  systems  in  2003.  A 
grand  jury  in  California  charged  Jacobsen  with  one  count  of  unau¬ 
thorized  impairment  of  a  protected  computer  and  one  count  of 
unauthorized  access  to  a  protected  computer,  according  to  a  copy 
of  the  indictment.  Included  among  the  customers  was  a  U.S.  Secret 
Service  agent  who  had  agency  materials  linked  to  Secret  Service 
investigations  stored  on  T-Mobile  systems.  Jacobsen  obtained  that 
information  but  did  not  compromise  any  ongoing  work,  according 
to  Secret  Service  spokesman  Jonathan  Cherry. 

Phone  virus  capability  growing 

■  A  Brazilian  virus  writer  has  unleashed  a  new  mobile  phone  virus,  called  Lasco.A,that 
can  spread  through  the  short-range  wireless  Bluetooth  technology  and  by  attaching  to 
files,  according  to  the  Finnish  anti-virus  company  F-Secure.“This  is  the  first  time  we  have 
come  across  a  mobile  phone  virus  that  has  two  spreading  mechanisms,”  says  Mikko 
Hypponen, director  of  anti-virus  research  at  F-Secure.The  virus  affects  mobile  phones  that 
run  the  Symbian  operating  system  with  Nokia  Series  60  interface.  The  Lasco.A  virus  will 
copy  itself  inside  all  Symbian  Installation  System  files,  which  are  used  to  install  applica¬ 
tions,  such  as  games.The  virus  is  activated  when  users  click  on  the  SIS  file  and  install  it  on 
their  phones.  Users  can  catch  the  virus  unknowingly  by  swapping  files,  such  as  games, 
among  themselves. 

Google  targeting  enterprise  desktop  search 

■  Google  is  developing  a  desktop  search  tool  designed  for  corporate  use,  which  comes 
several  months  after  launching  a  similar  tool  for  personal  use  that  is  free  and  still  in  test 
form.  Google  declined  to  provide  details.  With  this  move,  Google  hopes  to  round  out  its 
desktop  search  push  by  addressing  both  the  mass  market  and  the  workplace  market.  Last 
week,  Google  announced  an  improved  version  of  its  enterprise  Search  Appliance  and  a 
new  similar  tool  called  Google  Mini,  which  is  simpler,  less  expensive,  and  geared  toward 
small  and  midsize  businesses.  The  Search  Appliance  can  index  and  retrieve  documents 
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Yeah,  I’d  like  to  report  that  the  guy  in 
the  row  behind  me  is  using  his  cell 
phone  while  we  are  in  the  air. . 


Layer 


Dale  Worley  of  Elkridge, 

Maryland,  starts  2005  off 
right  by  winning  the  first  Weekly  Caption  Contest  of  the  year.  Head 
over  to  Layer  8  every  Monday  for  the  start  of  a  new  round. 
www.nwfusion.com/weblogs/layer8 
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■  TheGood  fheBadl  heUgly 


<§>  IBM  patent  king 

IBM  received  more  U.S.  patents 
(3,277)  than  any  other  company 
in  2004,  marking  the  12th 
consecutive  year  Big  Blue  has  topped 
the  list  of  patent  winners.  To  celebrate 
the  occasion,  IBM  pledged  to  donate 
500  of  the  software  patents  it  holds 
to  the  open  source  community.  > 


I 
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^  School  daze.  George  Mason  University  in  Fairfax,  Va.,  recently 
discovered  unauthorized  access  to  a  database  that  exposed  32,000 
people  to  potential  identity  theft,  although  no  such  activity  has  yet  been 
traced  to  the  security  breach.  The  database  stores  the  names,  Social 
Security  numbers  and  photographs  of  all  university  students  and 
employees. 

; 

®  Tsunami  sleaze.  The  FBI  last  week  issued  an  alert  warning 
the  public  of  online  scams  disguised  as  relief  funds  for  South  Asia  tsunami 
victims.  The  Internet  Crime  Complaint  Center  has  received  reports  of 
schemes  taking  the  form  of  spam  and  viruses.  For  FBI  advice,  see 
www.nwfusion.com,  DocFinder:  5536. 

available  via  an  HTTP  Web  interface,  relational  database  data  via  Java  Database 
Connectivity  and  data  in  other  repositories, such  as  enterprise  business  applications,  con¬ 
tent  management  software  and  legacy  systems,  via  a  “feeder”  API  mechanism.  Both  prod¬ 
ucts  are  designed  for  companies  that  want  to  provide  a  Google  search  engine  so  employ¬ 
ees  can  search  for  data  on  internal  systems  and  for  visitors  to  search  their  external  public 
Web  sites. 

Intel  sees  doubling  of  Xeon  MR  memory 

■  A  server  road  map  posted  on  Intel’s  Web  site  indicates  that  the  company  plans  to  dou¬ 
ble  the  amount  of  on-chip  memory  available  on  the  Xeon  processor  MPwhich  is  designed 
for  use  in  four-way  servers.The  enhancement  will  be  included  in  a  forthcoming  release  of 
Xeon  MPcode-named  Potomac,  which  is  expected  in  the  second  quarter.  Intel  previously 
had  disclosed  that  the  Potomac  cache  size  would  be  larger  than  the  4M  bytes  available  in 
the  company’s  current  3  GHz  Xeon  MP  chips.  The  road  map  indicates  that  Potomac  will 
have  a  clock  speed  equal  to  or  greater  than  3.5  GHz  and  a  cache  size  of  8M  bytes.  While 
faster  frequencies  were  once  the  standard  way  of  improving  processor  performance,  Intel 
has  encountered  difficulty  moving  its  processor  to  4  GHz.  In  October,  the  company 
backed  off  on  a  promise  to  release  a  4-GHz  version  of  its  Pentium  4  chip,  and  none  of  the 
Pentium  or  Xeon  processors  on  the  server  road  map  list  frequencies  higher  than  3.8  GHz. 

HP  combines  PC,  printer  groups 

■  HP  will  merge  its  PC  and  printer  divisions  into  a  new  organization  led  by  Vyomesh 
Joshi,  the  current  head  of  the  printer  group,  the  company  announced  last  week.  HP  has 
struggled  to  sustain  the  profitability  of  its  PC  business  in  the  years  after  its  acquisition  of 
Compaq.  Strong  competition  from  Dell  has  kept  HP  from  attaining  the  top  market  share 
position  in  the  world,  although  the  company  is  not  far  off  Dell’s  lead.  In  November,  HP 
Chairman  and  CEO  Carly  Fiorina  said  the  PC  division  had  not  lived  up  to  expectations  for 
its  profitability  and  that  HP  was  looking  for  ways  to  improve  profits  within  that  group. The 
printer  business,  however,  is  the  most  impressive  division  within  HP  It  has  consistently 
posted  the  largest  profits  within  the  company  and  enjoys  a  strong  brand  reputation  among 
consumers  and  business  customers. 


Tell  me  again  how  an  18  year  old  in  Des  Moines 
can  take  down  our  entire  network? 

WITH  ALTIRIS  PATCH  MANAGEMENT,  THE  QUESTION  NEVER  GETS  ASKED.  Attacks  from  viruses  and  hackers  are  becoming 
more  frequent,  sophisticated,  and  dangerous.  Altiris  patch  management  gives  you  the  tools  to  fight  back  and  protect 
your  business — without  adding  resources  or  sending  costs  through  the  roof.  With  Altiris  patch  management,  you  can 
identify  new  vulnerabilities  earlier,  evaluate  and  download  patches  more  quickly,  and  automatically  deploy  those 
patches  to  your  servers  and  desktops.  That  means  you  can  answer  your  organization's  toughest  security 
questions — long  before  anyone  starts  asking  them.  For  more  information  about  how  Altiris  patch  management  can  help 
you  protect  against  viruses,  hackers,  and  other  security  threats,  visit  www.altiris.com/nwwpatch. 


PATCH  MANAGEMENT. 
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DoD  targets  child  pom  on  military  PCs 


■  BY  ELLEN  MESSMER 

CLEARWATER,  FLA.  —  When  it 
comes  to  cybercrime,  one  of  the 
biggest  problems  facing  the  De¬ 
partment  of  Defense  comes 
from  within  —  the  rank  and  file 
personnel  suspected  of  down¬ 
loading  child  pornography  on 
military  PCs. 

Although  fraud,  network  intru¬ 
sions  and  counterintelligence 
cases  also  keep  the  department’s 
tech  experts  busy,  it’s  detecting 
evidence  of  child  pornography 
stored  or  accessed  via  military 
networks  that’s  straining  the 
resources  of  the  Defense  Cyber 
Crime  Center.  At  last  week’s  De¬ 
fense  Department  Cyber  Crime 
Conference,  which  was  attended 
by  about  550  computer  crime 
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1 1  Child  porn  is 
50%  of  our 
criminal  cases.  1 9 

Steven  Shirley 

Director  of  the  Defense 
Cyber  Crime  Center 


specialists  from  the  military  and 
FBI,  the  experts  didn’t  shy  from 
acknowledging  child  pornogra¬ 
phy  as  a  scourge  the  military  is 
determined  to  fight. 

“Child  porn  is  50%  of  our  crimi¬ 
nal  cases,”  said  Steven  Shirley 
director  of  the  Defense  Cyber 
Crime  Center.  The  computer 
forensics  lab  in  Baltimore  is  regu¬ 
larly  contacted  by  investigators  in 
the  Army  Navy  Air  Force  and 
Marines  to  analyze  digital  evi¬ 
dence  seized  as  part  of  the  mili¬ 
tary’s  most  complex  computer 
crime  investigations. 

Of  the  411  cases  referred  last 
year  to  the  Defense  Cyber  Crime 
Center,  39%  were  categorized  as 
“criminal”  and  half  of  those 
involved  child  pornography, 
Shirley  told  conference  attendees 
during  a  presentation. 

He  noted  the  terabytes  of  seized 
images  and  other  data  that 
accompanies  child  pornography 
cases  can  take  analysts  two  to 


three  months  to  plow  through. 

“There’s  often  a  backlog,”  said 
Bill  Harback,  senior  computer 
forensic  examiner  at  the  center. 
“Basically  all  the  evidence  was  in 
our  hands,  and  we  wanted  to  get 
the  evidence  back  to  investiga¬ 
tors  in  a  timely  manner  so  they 
could  do  their  jobs.” 

The  Defense  Cyber  Crime  Cent¬ 
er,  which  has  328  people  to  assist 
in  computer  crime  investigations, 
is  seeking  to  pick  up  speed  in 
child  pornography  cases  through 
the  use  of  a  new  software  tool 
developed  under  the  military’s 
Project  KIDS  (Known  Image  Data¬ 
base  Systems)  initiative. 

The  tool  automates  analysis 
through  a  hashing  technique  that 
finds  both  known  and  possible 
child  pornography  in  data  files. 

The  tool  also  looks  for  malware, 
such  as  backdoors  or  Trojans,  that 
might  indicate  the  PC  was  sub¬ 
verted  to  download  child  pornog¬ 
raphy  without  the  PC  user’s 
knowledge. 

Currently,  the  center  has  ap¬ 
proved  more  than  300  tools  for 
computer  forensics  purposes  in 
the  military.  The  three  primary 
tools  are  EnCase  from  Guidance 
Software,  the  Forensic  Toolkit 
from  AccessData  and  iLook,  a 
tool  originally  developed  by  Scot-  | 
landYard,  which  is  licensed  in  the 
U.S.  by  the  Internal  Revenue 
Service  only  to  government  users. 

Another  challenge  facing  the 
Defense  Cyber  Crime  Center  is 
finding  secure  ways  to  store 
seized  data  in  all  computer  crime 
cases.  The  center’s  practice  has 
been  to  store  data  for  each  case 
on  a  separate  PC. 

“We’re  getting  cases  so  big  we 
can’t  store  the  evidence  on  even 
four  networked  PCs, so  we  need  a 
storage-area  network,”  said  Jim 
Christy,  director  of  the  Cyber 
Crime  Institute,  the  Defense  Cyber 
Crime  Center’s  research  arm. “But 
we  haven’t  seen  the  kind  of  sys¬ 
tem  to  prevent  cross-contamina¬ 
tion  of  data.” 

In  one  case,  Christy  recalled,  the 
amount  of  data  reached  a  whop¬ 
ping  75T  bytes. 

Even  as  the  military’s  computer 
forensics  experts  struggle  to  root 
out  illegal  material  from  within 
the  department  and  external 
threats,  they  are  confronted  by 
the  need  to  prove  their  labs  and 
personnel  can  meet  the  highest 
professional  standards. 

Although  computer  forensics  is 
a  new  and  evolving  science  for 
criminologists,  the  American 


Society  of  Criminal  Laboratory 
Directors  (ASCLD)  in  Garner, 
N.C.,  is  considered  the  certifying 
organization  whose  standards 
must  be  met. 

There  are  no  computer  foren¬ 
sics  labs  in  the  Defense  Depart¬ 


ment  that  have  been  certified  by 
the  ASCLD,  Shirley  said,  but  the 
Defense  Cyber  Crime  Center  will 
undergo  evaluation  to  gain  ac¬ 
creditation  this  spring. 

It’s  only  a  matter  of  time  before 
lawyers,  in  the  course  of  defend¬ 


ing  their  clients  accused  of  com¬ 
puter-based  crimes,  will  call  into 
question  any  evidence  analyzed 
in  a  lab  that’s  not  accredited, 
Shirley  said.  “You  don’t  want  an 
enterprising  defense  counsel 
boxing  your  ears  in  court.”  ■ 


HP  boosts  Itanium  2  servers 


■  BY  JENNIFER  MEARS 

Continuing  to  offer  its  Integrity  servers  as  a  power¬ 
ful  alternative  to  RISC-based  systems  from  IBM  and 
Sun,  HP  this  week  is  expected  to  unveil  a  range  of 
updates  to  its  Itanium  2-based  servers,  the  upgrades 
include  faster  processors,  enhanced  virtualization 
capabilities,  support  for  SuSE  Linux  Enterprise 
Server  9  and  a  pay-per-use  option  for  Windows  users. 

In  addition,  HP  is  set  to  announce  that  it  is  now 
shipping  OpenVMS  8.2  for  Integrity  servers,  a  long- 
awaited  port  of  the  Alpha  server  operating  system  to 
Itanium.  OpenVMS  support  adds  one  more  option 
for  customers  who  already  have  the  choice  of  run¬ 
ning  HP-UX,  Linux  or  Windows  on  Integrity  servers, 
and  is  aimed  at  making  it  easier  for  existing  Alpha 
customers  to  make  the  move  to  Itanium. 

“There’s  nothing  shocking  here.  But  overall  you 
look  at  this  announcement  in  its  entirety  and  you 
say  HP  is  making  progress  down  the  Itanium  road,” 
says  Gordon  Haff,  an  analyst  at  Illuminata. 

The  updates  come  a  month  after  HP  announced  it 
was  handing  off  its  Itanium  processor  design  team  to 
Intel.  At  that  time,  HP  stressed  its  commitment  to 
Itanium  and  said  it  would  invest  $3  billion  over  the 
next  three  years  in  its  Integrity  servers,  which  com¬ 
pete  in  the  $20  billion  RISC  market. 

This  week’s  announcements  represent  part  of  that 
$3  billion  investment.  Among  the  updates  are: 

•  Availability  of  new  Itanium  2  processors  with  9M 
bytes  of  cache,  which  HP  says  offer  up  to  a  25%  per¬ 
formance  increase  over  the  existing  Itanium  2  with 
6M  bytes  of  cache.The  new  chips  can  work  alongside 
older  Itanium  2  processors  in  the  same  box. 

•  Pay-per-use  pricing  for  Windows  systems.  HP  has 
used  automated  metering  technology  to  measure 
CPU  use  and  charge  accordingly  for  its  Unix  servers 
for  a  couple  of  years,  and  this  announcement  ex¬ 
tends  the  option  to  Windows  platforms. 

•  Global  Workload  Manager,  which  lets  customers 
move  resources  and  workloads  between  servers  to 
maximize  efficiency  In  the  past,  Workload  Manager 
could  move  loads  only  within  a  single  server.  Global 
Workload  Manager  is  supported  on  HP-UX  and  Lin¬ 
ux  today  but  HP  says  Windows  and  OpenVMS  sup¬ 
port  is  coming. 

•  Support  for  SuSE  Linux  ES  9,  built  on  the  Linux 
2.6  kernel,  letting  customers  run  Linux  on  boxes  with 
as  many  as  16  processors. 

HP  sees  growing  interest  in  its  Integrity  servers, 
which  run  some  3,000  applications.  That  software 
support  is  double  what  it  was  a  year  ago  and  is  ex¬ 
pected  to  reach  4,500  applications  by  year-end,  says 
Don  Jenkins,  vice  president  of  marketing  for  HP’s 
business-critical  servers.  He  says  sales  associated 
with  Integrity  systems,  including  software,  storage 
and  services, surpassed  $1  billion  in  2004. 


The  high  end  of  HP's  Itanium  2-based  server  line, 
Integrity  Superdome  is  one  of  a  half-dozen  servers 
getting  faster  processors  and  enhanced  capabilities. 


That’s  good  news  for  HR  which  co-developed 
Itanium  with  Intel  and  is  transitioning  all  of  its  64-bit 
offerings  onto  the  Itanium  platform.  This  latest  gen¬ 
eration  of  the  chip  has  gotten  high  reviews  from  ana¬ 
lysts,  who  note  that  the  processor  has  been  slow  to 
take  off  since  it  was  introduced  in  2001  because  of 
performance  problems  and  the  complexity  of  port¬ 
ing  applications  to  the  new  instruction  set. 

IBM  and  Dell  are  among  a  handful  of  other  ven¬ 
dors  that  sell  Itanium  2-based  servers,  but  HP  is  by  far 
the  biggest  Itanium  backer.  HP  expects  Integrity  serv¬ 
er  sales  to  account  for  half  of  all  businesscritical 
server  sales  by  year-end  and  70%  by  the  end  of  2006. 

Dave  Geiver.vice  president  of  technology  for  Prem¬ 
ier  Bankcard,  which  services  the  credit  card  ac¬ 
counts  for  First  Premier  Bank  in  Sioux  Falls,  S.D., 
brought  in  three  Integrity  servers  to  support  a  Micro¬ 
soft  SQL  database  and  business  intelligence  appli¬ 
cations  early  last  year.  He  says  the  shift  to  the  64-bit 
Itanium  platform  —  and  64-bit  applications  —  en¬ 
abled  him  to  improve  performance  substantially 
Queries  that  once  took  23  hours  to  complete  can  be 
done  in  one  hour  and  45  minutes,  he  says. 

“And  queries  that  took  45  minutes  are  now  down 
to  2  minutes,”  he  says.'The  performance  increases  at 
the  user  level  have  been  incredible.” 

Geiver  says  he  plans  to  update  his  boxes  with  the 
new  Itanium  2  processors  in  the  next  six  months.  In 
addition,  he  says  he’s  analyzing  the  pay-per-use 
option  available  to  him  as  a  Windows  user.  ■ 
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America,  processing  $100-million  in  daily  sales.  As  next-generation  net¬ 


works  emerge  and  converge,  VeriSign  will  be  there,  deploying  the 
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Intelligent  Infrastructure  Services  necessary  for  everything  from  RFID- 


enabled  supply  chains  to  inter-enterprise  VoIP  to  mobile  and  rich  media 
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Open  source  group  posts  free  IP  PBX 

SIPFoundry’s  sipX  PBX  touts  advanced  features,  but  major  challenges  lie  ahead. 


■  BY  TIM  GREENE 

An  open  source  group  has  post¬ 
ed  free  Session  Initiation  Proto¬ 
col-based  PBX  software  that  lets 
businesses  create  their  own 
phone  switches  from  standard 
Linux  servers  —  but  drawing 
business  customers  to  the  tech¬ 
nology  could  be  an  uphill  effort. 

Called  sipX,  the  PBX  offering  is 
compatible  with  SIP  phones  and 
media  gateways  that  can  change 
IP  voice  to  traditional  TDM  voice 
and  vice  versa  so  calls  can  be 


■  BY  JOHN  FONTANA 

Microsoft  last  week  offered  dis¬ 
counts  on  its  business  applica¬ 
tions  in  hopes  of  luring  People 
Soft  customers  displeased  with 
Oracle’s  pending  $10  billion  buy¬ 
out  of  their  vendor.  But  industry 
watchers  say  the  overtures  are  un¬ 
likely  to  trigger  anything  beyond 
a  trickle  of  converts. 

Experts  say  the  complexity  of 
migrations  for  business  software, 
which  is  generally  highly  cus¬ 
tomized,  is  one  factor.  In  addition, 
many  say  that  Microsoft  cannot 
match  the  level  of  sophistication 
of  the  software  PeopleSoft  cus¬ 
tomers  now  use. 

However,  some  say  that  Micro¬ 
soft’s  primary  target,  users  on  the 
former  J.D.  Edwards  applications 
PeopleSoft  acquired  in  2003, 
could  be  swayed  because  many 
applications  run  on  aging  IBM 
AS400/iSeries  platforms.  Experts 
say  a  Windows  infrastructure 
might  attract  those  users,  especial¬ 
ly  small  and  midsize  companies 
looking  at  commodity  hardware. 

“I  don’t  expect  to  see  a  thunder¬ 
ing  herd  of  ex-PeopleSoft  cus¬ 
tomers  riding  up  to  Redmond,” 


switched  onto  traditional  phone 
networks. 

SipX  was  written  by  SIPFoundry 
whose  goal  is  to  encourage  busi¬ 
nesses  to  develop  interoperable 
SIP  products  so  end  users  can 
readily  take  advantage  of  SIP  fea¬ 
tures,  such  as  presence,  without 
tweaking  the  equipment  they 
use.  The  organization  considers 
itself  a  developer  community 
where  members  can  contribute 
to  writing  open  source  code, sim¬ 
ilar  to  the  Linux  development 
community. 


says  Joshua  Greenbaum,  princi¬ 
pal  with  Enterprise  Applications 
Consulting.“For  a  large  number  of 
these  customers,  it  would  entail 
an  entirely  new  platform  and 
going  with  a  company  whose 
flagship  manufacturing  product 
is  not  well  known  in  the  U.S.This 
offer  is  reflective  of  Microsoft’s 
limited  grasp  of  whatever  oppor¬ 
tunity  could  be  here.” 

Microsoft’s  offer  is  a  25%  dis¬ 
count  on  licensing  and  support 
on  all  of  its  business  applications, 
but  in  particular  Axapta  for  users 
of  PeopleSoft  World,  and  Enter- 
priseOne,  and  Great  Plains  for 


Development  of  sipX  parallels 
similar  efforts  that  produced  As¬ 
terisk  free  PBX  software,  backed 
by  equipment  vendor  Digium. 
Asterisk  was  released  last 
September. 

While  free  software  might  be 
attractive  to  some,  it  is  unlikely  to 
become  a  major  force  in  large 
businesses.  “It  has  potential  for 
small  organizations  or  homes,  but 
it’s  unlikely  to  make  a  significant 
dent  in  the  enterprise,”  where  cus¬ 
tomers  want  more  than  just  a 
PBX,  says  Paul  Strauss,  a  research 


those  on  PeopleSoft  Enterprise. 

“The  migration  offer  is  clever, 
but  1  don’t  think  it  will  be  suc¬ 
cessful,”  says  Bruce  Richardson, 
an  analyst  with  AMR  Research. 
“The  licensing  is  the  smallest  part 
of  the  bill.  It  is  the  time  and  cost  of 
getting  everything  installed.  That 
can  be  five  to  10  times  what  you 
pay  for  the  software.” 

But  according  to  Richardson, 
users  of  the  former  J.D.  Edwards 
software  might  be  swayed  to 
change  to  low-cost  Intel  hard¬ 
ware  and  Microsoft’s  promise  to 
tightly  integrate  its  business  appli¬ 
cations  with  Office. 

Microsoft  officials  say  they  see 
an  opportunity  to  convert  People- 
Soft  customers  with  fewer  than 
500  employees. 

The  business  applications  mar¬ 
ket  remains  a  difficult  for  Micro¬ 
soft.  It  has  backed  off  claims  of 
growing  its  Business  Solutions 
Group  to  $10  billion  in  annual  rev¬ 
enue;  Microsoft  also  has  yet  to 
turn  a  profit  in  the  division.  But 
over  the  past  seven  months, 
Microsoft  has  introduced  new  ver¬ 
sions  of  its  Great  Plains,  Solomon 


manager  at  IDC.  “You  do  need 
support;  you  do  want  assurances 
of  quality;  you  do  need  to  see 
what’s  going  on  inside  it; you  want 
the  vendor  to  sell  you  phones.” 

SIPFoundry’s  key  founder,  Ping- 
Tel,  says  it  hopes  that  businesses 
interested  in  the  open  source  SIP 
software  will  buy  it  along  with 
supplemental  software  tools  and 
support  from  PingTel,  using  the 
same  model  Red  Hat  uses  with 
Linux.  PingTel  sells  PBX  support 
services  wrapped  around  a  ver¬ 
sion  of  sipX. 


and  Navision  business  applica¬ 
tions,  with  Axapta  slated  for  an 
upgrade  this  year.  All  that  comes 
after  the  company  quieted  talks 
about  Project  Green,  a  complete 
rewrite  of  its  business  application 
code  on  the  .Net  Framework. 

Microsoft  is  not  alone  in  wooing 
PeopleSoft  customers.  SAP  has 
approached  these  customers 
since  the  J.D.  Edwards  merger. 
Vendor  SmartDB  next  month  will 
introduce  PS20,  a  customization 
of  its  Workbench  tool  kit  that  sys¬ 
tems  integrators  employ  to 
migrate  PeopleSoft  users  to 
Oracle.  Lawson  Software,  which 
develops  business  applications, 
plans  to  make  a  revised  migration 
offer  in  the  coming  weeks, 
according  to  company  officials. 

“A  migration  depends  on  what 
infrastructure  technology  a  com¬ 
pany  deals  with  and  is  comfort¬ 
able  with.  What  IT  capabilities 
they  have  from  a  personnel  per- 
spective.Those  will  be  huge  deter¬ 
minants  as  to  the  attractiveness  of 
these  offers,”  says  Mike  Dominy 
director  of  enterprise  services  for 
The  Yankee  Group.  ■ 


Sterling  National  Bank  in  New 
York  says  it  likes  the  idea  of 
open  source  PBX  software,  but 
chose  to  acquire  it  through 
PingTel  and  hire  the  vendor  to 
support  the  bank’s  phone  sys¬ 
tem  rather  than  go  it  alone. 
“We’re  probably  not  that  brave,” 
says  Eliot  Robinson,  the  bank’s 
executive  vice  president.  “We 
want  somebody  to  call  on  when 
we  need  some  help  to  configure 
the  system  or  to  support  some 
users’  specific  requests.” 

He  says  he  also  likes  the  idea  of 
an  open  source  development 
community  that  he  believes  will 
innovate  new  features  quickly“It’s 
good  to  know  there’s  multiple 
developers  out  there  enhancing 
the  system,”  he  says. 

PingTel’s  share  of  the  IP  PBX 
market  is  too  small  to  count, 
Strauss  says.  According  to  IDC,  IP 
PBX  technology  is  driven  not  by 
traditional  circuit-switched  PBX 
vendors  but  by  new  vendors,  and 
that  doesn’t  mean  start-ups.  3Com 
and  Cisco,  which  have  quickly 
dominated  corporate  IP  voice,  are 
considered  new  vendors  be¬ 
cause  they  only  leapt  into  PBX 
sales  with  IP  offerings.  Avaya,  Nor¬ 
tel,  Siemens,  NEC  and  Toshiba  — 
the  traditional  PBX  leaders  —  all 
have  revamped  their  offerings  to 
embrace  IP 

What  might  give  hope  to  the 
open  source  effort  is  the  current 
small  size  of  pure-IP  PBX  sales  At 
the  same  time,  Cisco  dominates 
in  sales  of  this  category  which  will 
be  formidable  competition,  says 
Matthias  Machowinski,  directing 
analyst  for  enterprise  voice  and 
data  at  Infonetics. 

Also  available  for  download 
from  SIPFoundry  is  reSIProcate,  a 
SIP  software  stack  around  which 
developers  can  build  SIP-enabled 
gear.  Commercial  products  al¬ 
ready  using  reSIProcate  include 
Jasomi  Networks’ session  boarder 
controller  that  aids  moving  VoIP 
calls  through  firewalls,  Xten’s  soft- 
phone  and  call-agent  software, 
and  Jabber’s  presence-based 
messaging  software. 

SIPFoundry  also  is  developing  a 
set  of  SIP  interoperability  tests 
that  vendors  can  run  on  their 
own  gear  to  better  ensure  it  will 
be  compatible  with  other  ven¬ 
dors’  equipment  when  they  get 
together  at  interoperability  bake¬ 
offs,  says  Robert  Sparks,  the  presi¬ 
dent  of  the  SIPFoundry  board 
and  CTO  at  Xten.B 
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Microsoft  woos  PeopleSoft  customers 


Trolling  for  users 

Microsoft  made  a  migration  pitch  to  PeopleSoft  customers  last  week,  offering  a  25% 
discount  on  licensing  and  support  on  all  its  business  apps  for  any  company  that  wants 
to  move  to  Microsoft  Business  Solution  software. 


Proposed  Microsoft  Business 

PeopleSoft  offering  Solutions  replacement  *  Features 


T 

PeopleSoft  World,  Axapta 

PeopleSoft  EnterpriseOne 

Manufacturing  and  supply-chain  management 
with  core  financial  management. 

PeopleSoft  Enterprise  Great  Plains 

Professional  services,  manufacturing, 
wholesale,  retail  for  midsize  businesses. 

‘Migration  program  also  available  for  migrations  to  Microsoft  Business  Solutions  —  Navision  or  Solomon. 

Economical  HP  BladeSystem  solutions  feature  the  high-performance  Intel®  Xeon™  Processor.  And  they  let  you  do  more  with  less.  By 
sharing  and  pooling  servers,  storage  and  network  resources,  you  can  virtualize  and  automate  more  processes.  And  HP  BladeSystem 
solutions  not  only  offer  lower  total  acquisition  costs,  they  also  allow  the  same  number  of  people  to  manage  more  IT— offering  you  a 
better  return.  Normally,  upgrading  to  more  sophisticated  technology  comes  with  a  hefty  price  tag.  Instead,  you'll  get  more  expertise 
before  you  buy,  more  technology  when  you  buy  and  more  support  after.  None  of  which  will  cost  more. 


HP  ProLiant  BL30p  Blade  Server 


THE  SOLUTION 

THE  BENEFITS1 2 

•  2  Intel*  Xeon™  Processors  DP  up  to  3.20GHz/2MB' 

•  High  density:  Up  to  96  servers  per  rack 

•  Flexible/Open:  Integrates  with  existing  infrastructure 

•  HP  Systems  Insight  Manager™:  Web-based 
networked  managment  through  a  single  console 

•  Rapid  Deployment  Pack:  For  ease  of  deployment 
and  ongoing  provisioning  and  reprovisioning 

•  23%  savings  on  acquisition  cost 

•  Up  to  19%  less  power  consumption 

•  Up  to  93%  fewer  cables 

•  43%  less  space  needed  for  same  processing  power 

•  Hot-swappable  server  design 

•  Single  interface  for  local  and  remote  management 
of  servers,  storage,  software  and  networking 

SAVE  $500  INSTANTLY 

with  the  purchase  of  any  HP  BladeSystem  enclosure.3 


Enhance  your  system. 


HP  StorageWorks 
MSA1500cs 

-  Up  to  24TB  of  capacity  (96  250GB  SATA  drives) 

-  Up  to  16TB  of  capacity  (56  300GB  SCSI  drives) 

-  Ability  to  mix  SCSI  and  Serial  ATA 
enclosures  for  greater  flexibility 

-  2GB/ 1GB  Fibre  connections  to  host 

GET  UP  TO  2TB 
OF  STORAGE  FREE4 
(Save  up  to  $3,192) 


invent 


Contact  HP  today  for  a  free  IDC  white  paper:  Adapting 
to  Change:  Blade  Systems  Move  into  the  Mainstream 


CLICK 

www.hp.com/go/Bladesmag22 

CALL 

1-866-356-6088 

visit  your  local  reseller 


m 


1 .  Intel's  numbering  is  not  a  measurement  of  higher  performance.  2.  Based  on  internal  HP  testing;  compared  to  similarly  configured  HP1 U,  2P  server.  For  configurator,  please  visit:  http://h30099.www3.hp.com/configurator/catalog-issipc.asp.  3.  Offer  valid  through  4/30/05. 4.  Receive  up  to  2TB  of  storage  tree  with  purchase 

of  select  HP  StorageWorte  MSA1 500  devices.  Offer  ends  on  3/31/05.  See  Web  site  for  full  details.  Intel,  Intel  logo,  Intel  Inside,  Intel  Inside  Logo,  Intel  Centrino,  Intel  Centrino  Logo,  Celeron,  Intel  Xeon,  Intel  SpeedStep,  Itanium  and  Pentium  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiary  ' 

the  United  States  and  other  countries.  ©2004  Hewlett-Packard  Development  Company,  L.P. 
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years”  in  WLAN  switching,  says 
Samuel  Wilson,  a  senior  analyst 
with  JMP  Securities. 

But  what  Cisco’s  acquisition  of 
Airespace  also  shows,  observers 
say,  is  that  the  basic  concept  of 
WLAN  switching  is  a  winner 
even  if  many  of  the  companies 
pursuing  the  market  are  not.The 
acquisition  is  another  example 
of  Cisco  shifting  away  from  its 
previously  held  stance  that 
WLANs  are  best  run  as  add-ons 
to  a  wired  LAN  with  “heavy” 
access  points  running  as  full 
routers  at  the  network  edge. 

The  WLAN  switch  approach 
involves  overlaying  centrally 


controlled  and  managed  WLAN 
switch  hardware  and  software 
on  top  of  an  Ethernet  founda¬ 
tion  to  unite  wired  and  wireless 
802.11  clients.  Cisco  and  other 
established  switch  vendors  have 
retrofit  their  switches  to  support 
wireless  clients,  but  in  what 
WLAN  switch  supporters  say  is  a 
less  elegant  and  more  expensive 
fashion. 

The  market  for  wireless  gear  in 
general  is  roaring.  Synergy  Re¬ 
search  Group  says,  with  its  latest 
numbers  showing  that  revenue 
rose  from  $420  million  in  the 
third  quarter  of  2003  to  $714  mil¬ 
lion  in  the  third  quarter  of  last 
year.  WLAN  switches  and  con¬ 
trollers,  in  particular,  are  hot, 
jumping  from  a  $20  million  busi¬ 


HP,  SBC  team  to 
bind  telecom,  IT 

■  BY  JIM  DUFFY 

SBC  and  HP  last  week  announced  an  alliance  to  help  U.S.  businesses 
streamline  the  management  of  IT  and  communications  environments. 

The  companies  say  they  will  work  together  to  develop,  deliver  and 
market  a  portfolio  of  managed  integration  services  that  bind  telecom 
and  IT  for  enterprise  businesses.  For  enterprise  customers,  the  alliance 
provides  an  opportunity  to  consolidate  ongoing  management  of  the  IT 
infrastructure:  voice  and  data  networks;  equipment  such  as  servers,  PCs 
and  printers;  and  desktop  software. 

The  services  are  also  designed  to  assist  companies  in  implementing 
new  convergence  systems  or  integrating  branch-office  operations  into 
corporate  networks. 

The  two  companies  plan  to  begin  jointly  marketing  each  other’s  ser¬ 
vices  in  the  next  few  months,  and  develop  additional  joint  offerings, 
including  services  designed  for  smaller  businesses,  later  in  the  year. 
Services  will  be  customized  according  to  a  customer’s  specific  envi¬ 
ronments  and  requirements,  and  provided  through  one  point  of  con¬ 
tact  and  one  bill,  the  companies  say 

“This  announcement  is  really  an  extension  of  HP’s  integrated  support 
offering,”  which  provides  one  point  of  contact  for  all  of  a  customer’s  IT 
service  and  support  requirements,  says  Christine  Tenneson,  an  analyst 
at  IDC.“SBC  provided  support  services  in  the  past,  but  not  to  the  full 
spectrum  of  products  within  an  [IT]  environment, such  as  printers.” 

This  program  would  help  businesses  address  six  common  infrastruc¬ 
ture  challenges:  IT  and  telecom  convergence  technologies;  mobile 
data  services;  WANs;  network  and  infrastructure  security;  business-con¬ 
tinuity  and  -availability  services;  and  branch-office  operations  and 
integration. 

The  arrangement  extends  previous  relationships  between  HP  and 
SBC.  A  little  more  than  a  year  ago,  HP  bestowed  its  Service  Provider 
Signature  certification  on  SBC’s  E-Services  Web  hosting  and  colloca¬ 
tion  operations,  meaning  HP  recommends  SBC  to  companies  looking 
to  outsource  their  server  hosting.  HP  also  has  offered  SBC  DSL  service 
as  an  Internet  access  option  on  its  Pavilion  PCs  for  three  years. 

SBC  and  HP  are  not  alone  in  forging  integration  alliances  for  busi¬ 
nesses.  Verizon’s  Enterprise  Solutions  Group  has  linked  with  IBM, 
Electronic  Data  Systems  (EDS),  EMC,  Nortel  and  Cisco  to  jointly  offer 
managed  integration  services.  BellSouth  and  EDS  allied  seven  years 
ago  to  offer  managed  network  services  to  midsize  businesses. 
BellSouth  also  lined  up  IBM  four  years  ago  as  a  partner  for  an 
E-Services  initiative  targeted  at  small  and  midsize  businesses.  And 
Qwest  forged  alliances  with  HP  Microsoft,  Oracle  and  KPMG  years  ago 
to  offer  managed  application  and  data  storage  hosting  services.  ■ 


ness  in  the  third  quarter  of  2002 
to  a  $47  million  business  in  the 
third  quarter  of  2004.  Symbol  is 
the  market  leader  with  a  25% 
share;  Airespace  and  Aruba 
Wireless  Networks  follow,  along 
with  many  others. 

In  the  long  run,  JMP’s  Wilson 
says,  the  WLAN  market’s  evolu¬ 
tion  will  mirror  that  of  Ethernet 
switches  —  consolidation  and 
commoditization,  with  high-end 
and  low-end  players. 

“You’ll  have  your  Cadillacs  — 
the  Ciscos,  Extremes  and  Found- 
rys  —  and  your  Mini  Coopers, 
like  Netgear,  D-Link  and  Linksys,” 
he  says. 

What  this  means  for  customers 
ultimately  is  lower  pricing.  IDC 
forecasts  that  the  price  for  enter¬ 
prise  WLAN  gear  will  come 
down  over  time,  from  a  current 
$450  average  price  tag  per 
access  point  down  to  about 
$200  in  2008. 

But  in  the  near  term,  analysts 
still  expect  vendors  to  charge  a 
premium  for  gear  that  ties  ele¬ 
ments  of  a  WLAN  into  a  cohe¬ 
sive  system. 

“I  don’t  expect  Cisco  will  sud¬ 
denly  start  selling  Airespace 
solutions  at  half-price,”  says 
Abner  Germanow,  enterprise 
networking  research  manager  at 
IDC.  “If  anything,  price  pressure 
will  come  from  smaller  competi¬ 
tors  looking  to  undercut  Cisco.” 

Some  might  question  why 
Cisco  would  pay  $450  million 
for  a  competitor  in  a  market 
where  it  is  already  a  runaway 
leader,  with  48%  market  share. 
Analysts  say  it’s  a  matter  of  find¬ 
ing  the  right  WLAN  architecture 
for  the  future. 

“Right  now,  we’re  seeing  a  lot  of 
big  wireless  LAN  RFPs  coming 
out,  and  Cisco  was  not  winning 
them”  with  its  decentralized 
WLAN  architecture,  JMP’s  Wilson 
says.  “Airespace’s  products  were 
better  than  Cisco’s.  [Airespace] 
has  been  gaining  market  share, 
and  Cisco  has  been  losing 
share.” 

Sources  say  Cisco  recently  lost 
out  to  Airespace  for  a  network 
upgrade  project  at  Microsoft’s 
Redmond,  Wash.,  campus,  where 
Cisco  gear  is  already  installed. 

“There  are  a  growing  number  of 
companies  that,  because  of  bud¬ 
get  issues  or  security  issues,  have 
found  that  a  network  overlay  was 
easier]’  IDC’s  Germanow  says. 

Among  WLAN  switch  start-ups, 
Airespace  was  a  fast-rising  star 
and  like  most  of  its  peers  has 
concentrated  on  revenue 
growth  rather  than  profitability. 
Industry  watchers  estimate  that 
its  sales  exploded  from  between 
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WLAN  shakeout 

The  overcrowded  wireless 
LAN  market  has  thinned 
out  over  the  past  year. 

2004 

April 

AirFlow  bows  out  of 
the  WLAN  switch 
market,  opting  to  sell 
its  software  and 
components  to  other 
vendors. 

October 

WLAN  switch  vendor 
Legra  goes  out  of 
business  less  than  a 
year  after  introducing 
its  first  product  and 
sells  assets  to  two 
companies. 

November 

Chantry  is  acquired  by 
Siemens,  which  had 
invested  $17  million  in 
the  start-up. 

2005 

January 

Cisco  acquires 
Airespace  for  $450 
million  in  stock,  after 
months  of  courting  the 
vendor  and  rival 
Aruba. 

V 

_ t 

$1  million  and  $3  million  a  year 
ago  to  about  $18  million  in  the 
most  recent  quarter.  Meanwhile, 
its  market  share  grew  from 
around  1%  to  6%  in  access 
points  and  from  17%  to  24%  in 
WLAN  switches. 

Cisco’s  acquisition  comes  just 
seven  months  after  it  launched 
technology  similar  to  what  the 
WLAN  start-ups  were  touting. 

“This  isn’t  a  180-degree  turn  for 
Cisco,”  says  David  Newman,  pres¬ 
ident  of  Network  Test  and  a 
Network  World  Lab  Alliance 
partner.  “They’ve  already  started 
to  go  away  from  the  fat  access 
point  model.” 

Cisco  launched  its  answer  to 
the  WLAN  overlay  approach 
with  its  Structured  Wireless- 
Aware  Network  (SWAN)  archi¬ 
tecture  in  May.  This  basically 
puts  a  WLAN  switch  inside  a 
Catalyst  6500  in  the  form  of  a 
WLAN  services  module 
(WLAM).  This  blade  aggregates 
Cisco  access  points  and  man¬ 
ages  their  security  and  configu¬ 
ration  settings,  Newman  says.  But 
the  cost  of  entry  for  Cisco’s 
SWAN  architecture  starts  at 
$28,000  for  the  WLAM. 

“You  can  get  a  functional 
[Airespace]  WLAN  system  for 
under  $10,000,”  he  says. 

Competitors  saying  that  they 
are  here  to  stay  in  the  WLAN 
switch  market  argue  that  Cisco’s 


Airespace  purchase  validates 
their  own  existence  and  the 
market  in  general. 

“Wireless  LAN  switching  is 
something  that  Cisco  has  been 
fighting  against  for  many  years 
now;”  says  Anthony  Bartolo,  vice 
president  of  Symbol’s  network 
infrastructure  division. The  Cisco 
deal,  Bartolo  says,  is  “a  $450  mil¬ 
lion  validation”  that  overlay 
WLAN  switching  technology  is 
what  customers  demand. 

Aruba,  a  WLAN  switch  player 
that  turned  down  a  Cisco  acquisi¬ 
tion  bid  in  November,  argues  that 
wireless  presents  so  many  new 
challenges  that  there  always  will 
be  room  for  specialists. 

“We  think  the  market  is  huge," 
says  David  Callisch,  director  of 
marketing  for  Aruba.“The  oppor¬ 
tunity  is  way  more  than  the 
amount  of  money”  Airespace  got 
from  Cisco. 

And  just  because  many  call 
the  WLAN  market  overfunded 
doesn’t  mean  new  money  isn’t 
flowing  into  the  arena.  WLAN 
security  and  management  com¬ 
pany  Roving  Planet  last  week 
announced  $6  million  in  fresh 
financing,  while  security  special¬ 
ist  Bluesocket  this  week  is 
announcing  $10  million  in  new 
funding. 

Still,  many  companies  that  are 
deeply  entrenched  with  Cisco 
or  other  established  network 
equipment  makers  often  will 
stick  with  those  vendors  even 
for  new  technologies  such  as 
wireless. 

CareGroup  Healthcare  System 
in  Boston  recently  decided  to 
install  a  WLAN  based  on  Cisco’s 
SWAN  gear,  after  it  evaluated 
Airespace  and  Cisco  offerings. 

“Airespace  had  been  doing 
[WLAN]  roaming  capabilities 
for  some  time,”  which  was  a  key 
feature,  says  CIO  John  Halamka. 
“The  downside  was  buying  sepa¬ 
rate  proprietary  Airespace 
access  points  and  appliances”  to 
overlay  on  a  Cisco  network. 

But  with  Airespace  now  under 
Cisco’s  umbrella,  “we’ll  certainly 
review  the  product  offering  and 
consider  deploying  an  all-Cisco 
solution  that  includes  Airespace 
components,”  he  says. 

Ultimately,  Halamka  says,  he 
would  like  an  architecture  that 
integrates  wired  and  WLAN 
management, security  and  provi¬ 
sioning  with  advanced  roaming 
and  radio  frequency  configura¬ 
tion  features. 

“We  have  a  15,000-port  Cisco 
network  composed  of  Catalyst 
6500  gear, so  we  want  to  leverage 
our  existing  network  if  at  all  pos¬ 
sible,"  he  says.  ■ 
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In  repeated  time  trials  between  the  SDLT  600  and  LTO-2,  neither  tape  ever  reached  the  cheese, 
or  even  left  the  starting  line  for  that  matter.  Perhaps  the  tapes  don’t  like  cheese.  Or  maybe,  (and  this 
is  highly  speculative,  mind  you)  it’s  because  they  don’t  have  any  legs?  We  may  never  know  the  truth. 
However,  when  it  comes  to  data  backup  capacity,  the  SDLT  600  was  the  clear  winner  thanks  to  a 

whopping  50%  more  capacity  than  LTO-2.  The  SDLT  600  is  also  20%  faster  and  includes  DLTSage™ 
diagnostic  management  software  and  DLT/ce™  archival  WORM  functionality.  How  do  we  know? 

It’s  been  tested.  For  more  info  and  to  download  the  whitepaper,  visit  DLTtape.com 


TAPE 


SDLT  600  vs.  LTO-2 


10V 


C30 


BftaSSa 


TEST  #348 


Superior  cognitive  memory  skills  :  |  |  [  |  sr 

Highest  capacity :  mnn 
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IT  vendors  made  a  strong  showing  in  IF!  Claims  Patent 
Services’  2004  list  of  top  patent  winners. 

Top  10  companies,  ranked  by  the 
number  of  U.S.  patents  granted  in  2004 

Number  of  patents 

1.  IBM 

3,277 

2.  Matsushita  Electric  Industrial 

1,965 

3.  Canon 

1,813 

1,780  f 

5.  Micron  Technology 

1,761 

6.  Samsung  Electronics 

7.  Intel 

1,604 

8.  Hitachi  ■— 

1,534  ,  | 

9.  Sony 

1,348 

|  10.  Toshiba 

1,342 

Other  IT  companies  on  the  list 

Number  of  patents 

21.  Infineon  Technologies 

799 

/  27.  Sun  *  •  |§ 

679  WBKBKKtk 

28.  Agilent  Technologies 

651 

H  29.  Microsoft 

629 

33.  Lucent 

546 

38.  Nortel 

44.  Cisco 

433 

45.  Seagate  Technology 

- 

431 

Patent 

continued  from  page  1 

of  patents  that  developers  have  to 
weed  through  to  avoid  infringe¬ 
ment  is  unmanageable,  and  the 
result  for  corporate  users  is  slow¬ 
er  product  innovation  and  delays 
in  standards  progress. 

“I  say  thanks  very  much.  It’s  a 
good  start,  but  it’s  certainly  not 
the  finish,”  says  Bruce  Perens, 
open  source  evangelist  and  a 
founder  of  the  Open  Source  Ini¬ 
tiative.  The  patents  IBM  has  cho¬ 
sen  to  make  available  to  the  open 
source  world  are  just  a  small  frac¬ 
tion  of  its  portfolio,  he  says. 

With  IBM’s  pledge,  the  technolo¬ 
gies  covered  by  500  of  its  software 
patents  are  available  royalty-free 
to  companies  or  individual  devel¬ 
opers  working  on  open  source 
software,  removing  the  threat  of  a 
patent  lawsuit  by  IBM.The  patents 
cover  a  broad  range  of  technolo¬ 
gies,  including  data  encryption, 
caching,  compression  and  lan¬ 
guage  processing. 

Opening  access  to  these  tech¬ 
nologies  is  an  effort  to  help  foster 
innovation,  says  Douglas  Heintz- 
man,  director  of  technical  soft¬ 
ware  strategy  at  IBM. 

In  addition  to  forfeiting  poten¬ 
tial  revenue  IBM  might  have 
earned  by  licensing  its  technolo¬ 
gies  to  open  source  developers, 
IBM  assumes  the  burden  of 
maintaining  the  500  patents  in 
question  —  which  costs  more 
than  $1  million  each  year.Heintz- 
man  says. 

Of  course,  it’s  not  all  sacrifice  for 
IBM. 

“We  believe  that  this  will  pro¬ 
mote  and  drive  innovation  in  our 
marketplace.  Certainly  our  com¬ 
pany  will  benefit  as  the  rate  of  in¬ 
novation  accelerates,”  Heintzman 
says. 

Given  that  a  significant  portion 
of  IBM’s  business  is  related  to 
open  source,  primarily  Linux,  the 
decision  to  grant  patent  amnesty 
obviously  is  motivated  in  part 
by  self-interest,  says  Stephen 
O’Grady,  a  senior  analyst  at  Red- 
Monk.  “If  Linux  as  an  operating 
system  can  be  enhanced  or  at 
least  have  some  of  the  concerns 
around  patent  infringement  re¬ 
moved,  certainly  IBM  stands  to 
benefit,”  he  says. 

While  the  contribution  is  signifi¬ 
cant,  it’s  not  entirely  unexpected, 
adds  Dan  Ravicher,  executive 
director  of  the  Public  Patent 
Foundation,  a  nonprofit  legal  ser¬ 
vices  organization  in  New  York 
working  toward  patent  system  re¬ 
form.  Most  legal  observers  would 
have  presumed  before  the  an¬ 
nouncement  that  IBM  would  not 


sue,  at  least  in  the  near  term,  the 
makers  of  open  source  products 
off  of  which  it  is  making  money 
Ravicher  says. 

To  IBM’s  credit,  by  granting  ac¬ 
cess  to  any  open  source  develop¬ 
er,  not  just  those  with  which  it 
partners,  the  company  is  allowing 
broader  access  than  what  had 
been  presumed,  Ravicher  says. 

Linux  creator  Linus  Torvalds 
says  IBM’s  move  is  a  good  first 
step  toward  solving  some  of  the 
problems  with  software  patents. 
“Will  this  make  patent  problems 
go  away?  Obviously  not.  Would  I 
have  preferred  that  IBM  open  all 
their  patents  and  speak  out 
against  software  patents  in  gener¬ 
al?  Hey,  sure, ’’Torvalds  wrote  in  an 
e-mail  interview.“But  no,  that’s  not 
how  things  work.  I’m  pragmatic.” 

Not  everyone  sees  any  benevo¬ 
lence  in  IBM’s  move. 

Florian  Mueller,  campaign 
manager  of  NoSoftwarePatents 
.com,  a  European  anti-software 
patenting  effort,  spoke  harshly 
about  IBM’s  pledge,  calling  it 
“diversionary  tactics.” 

The  European  Union  (EU)  has 
been  considering  adopting  soft¬ 
ware  patenting  practices.  IBM  — 
which  holds  about  40,000  world¬ 
wide  patents  —  is  among  the 
companies  lobbying  strongly  for 
it  to  happen,  according  to 
Mueller. 

“If  IBM  wants  to  assume  the  role 
of  a  post-Christmas  benefactor, 
they’d  better  stop  their  aggressive 
patent  lobbying  in  the  EU  and 
their  shameless  squeezing  of 


small  and  medium-sized  compa¬ 
nies  with  that  IBM  ‘patent  tax’” 
Mueller  said  in  a  statement. 

The  patent  problem 

IBM  is  certainly  not  the  only 
vendor  making  money  licensing 
patented  technology.  It’s  just 
among  the  largest  targets  for  criti¬ 
cism,  given  that  for  the  last  12 
years  IBM  has  earned  more  U.S. 
patents  each  year  than  any  other 
company 

Statistics  released  last  week  by 
IFI  Claims  Patent  Services  show 
IBM  earned  3,277  patents  in  2004 
—  1,312  more  than  the  second- 
ranked  company,  Matsushita 
Electric  Industrial  Company 
According  to  Heintzman,  soft¬ 
ware  patents  make  up  approxi¬ 
mately  half  of  the  patents  IBM  reg¬ 
istered  last  year. 

What  critics  of  software  patent¬ 
ing  object  to  is  the  power  afford¬ 
ed  a  patent  holder,  at  the  expense 
of  future  innovations. 

Software  patents  typically  are 
very  vaguely  written.'That’s  done 
deliberately  so  that  the  patent  has 
the  maximum  scope  of  applica¬ 
tion  —  which  is  a  terrible  abuse 
of  the  system,  because  patent 
holders  can  claim  things  that  they 
didn’t  invent,”  Pferens  says. 

Like  a  lot  of  patents,  software 
patents  can  cause  competitive 
and  economic  harm  by  preclud¬ 
ing  or  hindering  competition, 
Ravicher  says.  Additionally  soft¬ 
ware  patents  can  deny  the  right 
to  due  process  simply  because 
the  cost  of  defending  against  a 


patent  claim  is  prohibitively  high, 
he  says. 

Statistics  from  the  American  In¬ 
tellectual  Property  Law  Associ¬ 
ation  show  the  average  cost  per 
litigant  in  a  $1  million-plus  patent 
litigation  case  is  $2  million  to  $4 
million,  Ravicher  says. 

At  its  worst,  software  patent 
abuse  has  the  potential  to  shut 
down  open  source,  Perens  says. 
“Especially  if  you  get  Microsoft 
and  its  buddies  working  at  it  in  a 
concerted  way’  he  says.  “They 
can  make  it  too  expensive  for 
people  to  be  open  source  devel¬ 
opers.  It  potentially  can  have  the 
same  effect  on  any  small  busi¬ 
ness  that  raises  the  ire  of  large 
patent  holders.” 

It’s  not  just  developers  who  are 
subject  to  patent  lawsuits,  but  also 
end  users  who  deploy  open 
source  software  that  could  in¬ 
fringe  on  a  patent.  When  The  SCO 
Group  launched  a  lawsuit  against 
IBM  in  2003  claiming  IBM  illegal¬ 
ly  contributed  SCO’s  Unix  intel¬ 
lectual  property  code  to  Linux. 
Part  of  its  tactics  included  send¬ 
ing  letters  to  more  than  1,000 
large  corporations  warning  they 
could  be  liable  for  using  Linux. 

“Software  patents  can  be  as¬ 
serted  against  individuals  and 
small  businesses  who  don’t  have 
the  wherewithal  to  hire  very  ex¬ 
pensive  attorneys,”  Ravicher  says. 
“Patents  can  be  used  to  intimi¬ 
date  people  into  paying  a 
license  fee  or  just  closing  up 
shop  because  they  can’t  avail 
themselves  of  a  day  in  court  to 
fight  the  battle.” 

Part  of  the  reason  patent  litiga¬ 
tion  is  so  expensive  is  because 
there’s  so  much  uncertainty  in  the 
law.  There’s  a  single  court  respon¬ 
sible  for  hearing  patent  cases 
which  are  appealed,  and  that 
appellate  court  overturns  deci¬ 
sions  made  by  trial  courts  50%  of 
the  time,  Ravicher  says. 

No  one  ever  settles  after  trial 
because  there’s  a  50-50  chance 
the  decision  will  be  reversed  later 
on  appeal.  “This  creates  a  very 
expensive  game,”  Ravicher  says. 

IBM’s  Heintzman  acknowledges 
the  patent-granting  process  in  the 
U.S.  could  use  some  refining.  In 
particular,  the  threshold  for  get¬ 
ting  a  patent  should  be  raised 
quite  a  bit  higher  than  where  it  is, 
he  says. 

“We’re  very  strong  advocates  of 
good  and  reasonable  intellectu¬ 
al  property  law.  On  the  other 
hand,  we’re  concerned  that  intel¬ 
lectual  property  can  be  used 
and  has  been  used  in  ways  that  it 
was  not  intended,  in  terms  of 
putting  a  brake  on  innovation,” 
he  says. 


For  its  part,  IBM  has  been  re¬ 
thinking  its  approach  to  intellec¬ 
tual  property  he  says. 

The  company  has  a  compre¬ 
hensive  process  for  evaluating 
patent  applications  to  ensure 
each  one  represents  genuine  sci¬ 
entific  progress  and  technologi¬ 
cal  innovation,  Heintzman  says. 
“We  easily  could  just  submit  and 
receive  twice  the  number  of 
patents  that  we  are  actually 
granted,”  he  says.  “But  that’s  not 
what  this  is  all  about. We’re  not  in 
business  to  win  the  patent  race.” 

In  the  last  six  months,  IBM  set 
up  a  team  charged  with  rethink¬ 
ing  the  company’s  patent  strate¬ 
gy  That  led  to  IBM’s  announce 
ment  in  August  that  it  will  not 
assert  any  of  its  patents  against 
the  Linux  kernel.  The  team  also 
drove  last  week’s  decision  re 
garding  the  500  software  patents. 

Torvalds  welcomes  the  fact  that 
IBM’s  policy  shows  the  business 
community  a  way  to  embrace 
the  sharing  ethos  of  open  source 
developers.  “The  more  people 
that  think  about  this  and  the 
more  businesses  that  get  com¬ 
fortable  with  the  notion  of  shar¬ 
ing,  whether  it  be  their  copyright¬ 
ed  software  or  their  patents,  the 
better  off  we’ll  all  be”  he  wrote. 

Meanwhile,  patent  reform  is 
gaining  momentum,  but  it’s  not 
an  overnight  process. 

“It  could  take  10  years,  but  we 
really  have  to  turn  back  the  tide 
of  software  patenting  in  the 
United  States.  And  at  the  same 
time,  we  have  to  hold  it  off  in 
other  nations,”  Perens  says. 

It’s  going  to  become  more 
apparent  over  the  next  decade 
or  two  that  the  patent  system  is 
not  a  benefit  to  technologists, 
but  an  impediment,  Ravicher 
says. 

“As  the  coalition  of  voices  call¬ 
ing  for  patent  reform  grows,  and 
as  the  number  of  people  benefit¬ 
ing  from  the  patent  system 
becomes  more  and  more  para¬ 
sitic  —  patent  attorneys  instead 
of  technologists  —  it  will  be 
more  and  more  politically  unten¬ 
able  for  policy  makers  to  refuse 
to  fix  the  system  so  that  it 
achieves  its  true  purpose,  which 
is  advancing  technology’ he  says. 

IDG  News  Service  correspon¬ 
dent  Robert  McMillan  contributed 
to  this  story. 


Read  about  Ill’s  foray 
into  identity  resolution 
software  with  a  recent 

acquisition.  PARE  57. 
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Constant,  uninterrupted  access  to  critical  data,  systems  and  people.  Even  when  something  goes  wrong.  That’s  Information  Availability.  And  one;Jjigp| 
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and  data  white  SunGard  Availability  Services  helps  to  ensure  that  the  infrastructure  and  technical  support  you  need  is  always  on.  SunGar.cP 
offer  a  secure  and  scalable  environment  at  a  lower  operational  cost  for  production.  Plus  we  have  over  60  state-of-the-art  hardened 
network,  power  and  equipment  redundancies  that  are  unparalleled.  For  a  free  copy  of  the  IOC  :  kVt*nim»'  Penn 
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News 

By  the  numbers 

Facts  and  figures  regarding  George 

W.  Bush’s  upcoming  presidential 

inauguration. 

750,000  People  expected  to  attend  the  inauguration,  which  will  be 
held  at  noon  on  Jan.  20  at  the  U.S.  Capitol. 

13,000  U.S.  troops  and  law  enforcement  officers  who  will  be  used 
to  keep  the  president  and  spectators  safe  during  the 
inauguration. 

10,000  People  expected  to  participate  in  the  inaugural  parade, 

which  will  have  14  floats,  45  marching  bands  and  thousands 
of  dignitaries  from  every  state.The  military  estimates  the 
parade  will  last  less  than  two  hours. 

100  City  blocks  that  will  be  closed  on  inauguration  day. 

9  Official  inaugural  balls  that  will  be  held  around  the  city. 

$2,500  Cost  of  a  ticket  to  attend  the  parade,  swearing  in  and 
inaugural  ball.  A  candlelight  dinner  with  the  president 
costs  an  extra  $2,500. 

$40  Estimated  cost  of  the  four-day  inaugural  extravaganza. 

million 

SOURCE:  NEW  YORK  TIMES,  WASHINGTON  POST  AND  OTHER  PUBLISHED  REPORTS. 


Inauguration 

continued  from  page  1 

racks  of  radios  and  other  gear 
needed  to  support  the  needs  of 
the  750,000  people  expected  to 
attend  the  inauguration. 

Cellular  carriers  such  as  Nextel 
are  spending  millions  of  dollars 
and  countless  hours  of  engineer¬ 
ing  time  to  prepare  its  networks 
for  four  days  of  festivities. 

For  Nextel,  the  preparations 
involve  doubling  the  capacity  of 
its  network  in  downtown  Wash¬ 
ington  and  adding  redundant  T-l 
lines  and  back-up  power  genera¬ 
tors.  Nextel  also  built  a  special 
on-site  war  room  for  monitoring 
network  performance. 

“To  prepare  for  events  like  this, 
you  have  to  think  big,”  says  Jihad 
Hermes, Nextels  vice  president 
for  RF  engineering  and  opera¬ 
tions  in  the  Northeast  region.“It’s 
like  building  a  city  overnight.” 

Nextel  is  a  key  provider  of  cel¬ 
lular  service  to  local  law  en¬ 
forcement  agencies,  including 
the  U.S.  Secret  Service;  Metro 
D.C.,  Police;  US.  Park  Police  and 
the  FBI.  Nextel  anticipates  a  big 
spike  in  the  amount  of  walkie- 
talkie  traffic,  cell  phone  calls  and 
e-mails  being  sent  by  law 
enforcement  personnel  as  well 
as  its  regular  business  customers. 

“On  the  day  of  the  event,  we 
will  have  dozens  of  people 
watching  every  bit  and  byte  and 
pulse  that  comes  out  of  our  net¬ 
work,”  Hermes  says.“After  the 
event,  there  will  be  analysis,  pre¬ 
sentations  and  celebrations.” 

On  an  unseasonably  warm 


afternoon  a  week  before  the 
inaugural  festivities  begin,  Nextel 
demonstrates  that  most  of  its  net¬ 
work  deployment  is  done. 
Nextel’s  engineering  team  oozes 
confidence  as  it  prepares  for  this 
high-visibility  event.That’s 
because  handling  big  events 
such  as  the  inauguration  has 
become  routine  for  it. 

In  the  past  year,  Nextel  has  sup¬ 
ported  numerous  events  that 
attracted  100,000  or  more  peo¬ 
ple,  including  the  G8  Summit,  the 
Democratic  and  Republican 
National  Conventions,  the  dedi¬ 
cation  of  the  National  World  War 
II  Memorial  and  former  Presi¬ 


dent  Ronald  Reagan’s  funeral. 

Each  time,  Nextel  has  deployed 
a  custom-tailored  network  in  a 
matter  of  days,  weeks  or  months 
and  then  torn  it  down  afterward. 

“We  don’t  panic  so  much  any¬ 
more,”  says  Lalita  Subramanian,  a 
senior  RF  manager  with  Nextel. 
“We’ve  gotten  better  and  better 
at  these  events.” 

Nextel’s  engineering  and  opera¬ 
tions  group  has  had  the  inaugu¬ 
ration  on  its  radar  for  a  year,  but 
planning  for  this  network  began 
in  earnest  six  months  ago.  About 
50  of  Nextels  600  engineering 
and  operations  staff  in  the 
Washington,  D.C.,  area  have 
helped  get  the  company’s  net¬ 
work  ready  for  the  festivities. 

The  2005  inauguration  is  the 
largest  event  Nextel  has  sup¬ 
ported  in  the  mid-Atlantic. 
Nextel’s  most-extensive  support 
overall  is  at  the  New  Year’s  Eve 
celebration  in  Times  Square.  It’s 
also  the  event  with  the  tightest 
security,  placing  unprecedented 
demands  on  Nextel  for  field 
engineers  who  are  U.S.  citizens 
with  security  clearances. 

“It’s  more  sensitive  because  we 
have  a  sitting  president  involved,” 
Hermes  says.“We  have  to  allow 
for  a  lot  of  last-minute  needs.” 

For  months,  Nextel’s  engineer¬ 
ing  and  operations  group  has 
been  planning  the  network 
capacity  and  coverage  required 
for  the  inauguration.They  met 
with  law  enforcement  customers 
to  understand  their  needs.They 
purchased  and  integrated  new 
radios  from  Motorola,  Nextel’s 
primary  supplier. They  negotiated 
with  city  officials,  building  own¬ 
ers  and  hotel  managers  about 


equipment  location. 

By  mid-December,  Nextel  had 
most  of  its  auxiliary  network 
equipment  in  place. The  carrier 
added  more  than  100  radios  to 
the  rooftops  of  buildings  along 
the  parade  route  and  near  the 
Capitol.  A  dozen  nearby  hotels 
and  other  key  buildings  such  as 
MCI  Center  and  the  Washington 
Convention  Center  were 
equipped  with  wireless  service  to 
support  attendees  at  the  inaugur¬ 
al  balls  and  other  festivities. 

Nextel  also  deployed  seven 
mobile  cellular  towers  —  nick¬ 
named  COWs  for  cell  on  wheels 

—  in  the  National  Mall  area. 

Each  COW  has  20  radios  and 
can  support  up  to  120  simultane¬ 
ous  calls. 

By  adding  this  much  network 
capacity  in  such  a  concentrated 
area,  Nextel  is  supporting  the 
equivalent  of  a  midsized  city  in 
the  1.5-mile  radius  surrounding 
the  U.S.  Capitol. 

“What  we  would  normally  build 
to  support  a  city  of  2  million  peo¬ 
ple,  we  have  built  in  about  1 
mile,”  Hermes  says.“It’s  the  inten¬ 
sity  and  localization  of  the 
demand  that’s  so  challenging.” 

Nextel  has  added  the  same 
amount  of  network  capacity  to 
downtown  Washington  in  the  last 
month  that  it  normally  would 
add  to  a  city  over  three  years. 

Despite  Nextel’s  massive  net¬ 
work-deployment  effort,  it’s  hard 
for  the  untrained  eye  to  pick  out 
all  the  extra  antennas  and 
radios. The  new  wireless  gear  is 
so  well  disguised  in  the  ceiling 
of  one  local  hotel  that  Nextel’s 
own  engineers  had  trouble  find¬ 
ing  their  radios,  which  look  like 
upside  down  Styrofoam  cups 
cemented  to  the  ceiling. 

Like  everything  else  about  this 
inauguration  —  which  will  have 
an  unprecedented  security  level 

—  much  of  Nextel’s  preparation 
is  being  done  behind  the  scenes. 
That’s  why  Nextel  can’t  say  pre¬ 
cisely  where  its  gear  is  located 
without  getting  in  trouble. 

“Dozens  of  our  people  will  be 
working  that  day  whether  you 
see  them  or  not,”  Hermes  says. 
“We  have  people  assigned  to  cer¬ 
tain  areas  that  are  cordoned  off 
to  the  public.” 

For  the  Nextel  engineering 
team,  politics  hasn’t  gotten  in 
the  way  of  their  pride  in  having 
their  network  perform  well  on 
Thursday 

“It  didn’t  matter  to  us  who 
won  the  election ’’Subramanian 
says.  “It  could  have  been 
Ronald  McDonald  up  there, 
and  we  would  still  have  to  get 
the  job  done.”  ■ 


Microsoft,  Alcatel  team 
to  make  calls  from  a  PC 

■  BY  SCARLET  PRUITT 

Telecom  company  Alcatel  last  week  said  it  has  signed  a  deal 
with  Microsoft  to  help  develop  applications  that  let  users  make  phone 
calls  from  their  computers. 

Under  the  partnership,  Alcatel’s  Genesys  unit  will  work  with  Micro¬ 
soft’s  Real-Time  Collaboration  Group  to  give  enterprise  customers  inte¬ 
grated  instant  messaging  and  telephony  applications  using  the  soft¬ 
ware  giant’s  next-generation  IM  and  communications  software  code- 
named  Istanbul.  Istanbul  is  the  front-end  application  for  Microsoft’s 
upcoming  Live  Communications  Server  2005  product,  which  links  LCS 
2005  with  users’  telephones. 

The  products  resulting  from  the  collaboration  are  aimed  at  letting 
users  make  phone  calls  through  a  company’s  PBX  or  IP  PBX  phone  sys¬ 
tem  from  their  desktop,  and  give  access  to  a  suite  of  communication 
features, such  as  the  ability  to  view  the  availability  of  contacts,  transfer 
calls  and  schedule  conference  calls,  Alcatel  says. 

The  deal  comes  as  the  Redmond  software  maker  aims  to  take  greater 
part  in  the  convergence  between  the  telephone  and  computer. 
Microsoft  forged  a  similar  agreement  with  Siemens  last  week. 

Pruitt  is  a  correspondent  with  IDG  News  Service. 
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share  their  wisdom 


Full  speed  ahead  for  Philly's  Wi-Fi  plan 

Philadelphia  this  year  is  forging  ahead  with  one  of  the  most  visible  and  politically  charged  wire¬ 
less  LAN  projects  in  the  country,  despite  recent  efforts  by  telecom  lobbyists  to  stymie  it.  The  city’s 
CIO,  Dianah  Neff,  spoke  with  Network  World  Senior  Editor  John  Cox  about  what  will  be  involved 
in  blanketing  the  135  square  miles  of  the  city  with  a  Wi-Fi  mesh.  Here’s  an  edited  transcript. 


There  was  last-minute  controversy  around  the  passage  of 
Pennsylvania  House  Bill  30,  a  reform  of  the  state's  telecom 
statutes.  It  included  a  provision,  for  which  Verizon  lobbied 
hard,  that  limits  what  cities  and  towns  can  do  to  create  net¬ 
works  like  the  one  you're  talking  about.  Tell  us  about  what 
happened. 

We’d  been  aware  of  HB  30.  It  had  been  around  for  18 
months  and  had  been  dormant.  All  of  a  sudden,  at  the 
1 1th  hour  of  the  lame  duck  legislative  session,  it’s  sent  to 
the  state  senate,  with  no  notification.  We  had  about  one 
week  to  mount  a  campaign.  We  mounted  a  grass-roots 
campaign  to  get  the  governor  to  veto  it.  He  eventually 
signed  it,  but  the  city  got  a  waiver  out  of  that  [Verizon 
agreed  not  to  oppose  the  Wireless  Philadelphia  project] . 
We  approached  Verizon  for  a  compromise,  the  governor 
put  a  little  pressure  on,  and  we  worked  it  out. 

What's  your  view  on  these  kinds  of  restrictions  that  are 
being  passed? 

It’s  bad  for  the  state  and  for  the  country. The  U.S.  has 
slipped  from  being  third  in  the  world  in  broadband 
deployment  to  being  seventh.  If  you  slow  that,  we’ll  con¬ 
tinue  to  slip. 

Why  would  that  be  a  problem? 

It’s  in  the  ability  to  deliver  new  services  and  products. 
Think  about  how  the  World  Wide  Web  has  impacted  our 
way  of  doing  business,  our  work  and  play  If  it  takes  15 
years  to  roll  out  broadband  fiber  to  the  curb,  the  world 
wili  have  passed  us  by  It  costs  an  average  of  about  $18 
to  pass  a  house  with  Wi-Fi.  But  it  costs  $7,800  to  $10,000 
for  cable  and  $2,000  to  $3,000  for  fiber.  You ’re  able  to 
uplift  everyone  with  those  lower  wireless  LAN  costs. 

So,  what's  the  status  of  the  Wireless  Philadelphia  project? 

The  executive  committee  [presented]  its  recommen¬ 
dations  to  the  mayor  [in  December], and  next  we’ll  put 
out  a  request  for  proposals. . .  .We’ll  make  an  award  and 
start  deployment  in  the  summer. 

Where  did  the  idea  for  this  citywide,  broadband  wireless 
access  come  from? 

In  April  2003,1  presented  to  the  mayor  a  briefing  paper. 
He  asked  me  to  do  a  pilot,  and  Love  Park  [near  City  Hall] 
was  selected  for  an  outdoor  wireless  LAN  mesh  net.  We 
deployed  an  802.1  lb  network  in  June  2004.  It  was  wildly 
successful  with  virtually  no  advertising.lt  was  expanded 
along  Ben  Franklin  Parkway  to  Boathouse  Row.  All  these 
are  mostly  public  spaces.  But  there  were  also  wireless 
LAN  pilots  funded  by  outside  sources  in  other  areas.  One 
is  the  People’s  Emergency  Center,  which  works  with 
homeless  and  disadvantaged  families  in  West  Phila¬ 
delphia.  They  created  a  small  wireless  project  [www.pec- 
cares.org/CivitiumPECCSIntro.pdf]  of  about  40  homes. 
Cisco  later  funded  the  expansion  to  cover  100  homes. 


What  made  you  think  that  a  citywide  net  was  valid,  economi¬ 
cally  and  socially? 

Part  of  my  job  is  watching  emerging  technologies  and 
to  align  them  with  the  mayor’s  goals,  and  Wi-Fi  is  one  of 
those  targeted  areas. With  the  802.11  standards,  the  cost 
points  and  what  Mayor  [John]  Street  was  trying  to  do 
with  his  Neighborhood  Transformation  Initiative,  they  all 
seemed  to  fit.The  mayor  appointed  the  stakeholders  to 
an  executive  committee  and  asked  us  to  put  together  a 
business  plan. 

Realistically,  how  many  companies  actually  make  a  relocation 
or  expansion  decision  based  on  whether  a  city  has  a  wireless 
access  network? 

If  you  don’t  have  this  broadband  infrastructure,  you 
don’t  make  the  short  list  of  locations  the  companies 
consider  for  moving  or  expanding. They  look  at  ques¬ 
tions  like:  Is  your  city  known  for  being  a  technology 
city?  Does  it  support  innovation? 

None  of  those  questions  individually  are  the  reason 
why  a  business  wili  move.  But  based  on  the  input  we 
got  and  the  market  studies  we’ve  seen,  this  is  definitely 
a  requirement. 

How  much  will  all  this  cost? 

The  capital  spending  will  be  about  $10  million.  About 
$1.5  million  will  needed  yearly  to  run  and  maintain 
that  network. 


Where  will  the  money  come  from? 

From  the  start,  the  mayor  said  it  had  to  be  ‘cost  neutral’ 
—  any  upfront  dollars  would  have  to  be  paid  back,  and 
we’ll  have  to  charge  fees  both  to  maintain  the  network 
and  do  various  education  and  other  programs  that  will 
help  residents  and  small  businesses  make  use  of  it. 

Programs  such  as  what? 

It’s  about  putting  in  the  training  and  education  and,  in 
the  case  of  the  disadvantaged,  the  computer  equipment 
in  their  homes.  It’s  also  working  with  small  businesses  to 
help  them  be  able  to  use  the  Internet  so  they  can  be 
competitive.  It’s  about  improving  the  quality  of  life.  Our 
schools  have  been  working  diligently  to  wire,  or  unwire, 
their  campuses.  But  they  need  to  reach  into  the  home 
so  families  can  communicate  with  teachers  and  admin¬ 
istrators,  access  homework  assignments  and  grades. 
Today  there  is  no  affordable  broadband  access  that’s  in 
all  the  neighborhoods. 

How  have  you  dealt  with  the  philosophical  issue  of  offering 
such  a  network  as  a  city  service  instead  of  leaving  it  to  the 
private  sector? 

We  did  13  stakeholder  focus  groups:  Each  member  of 
the  [Wireless  Philadelphia]  executive  committee  brought 
in  people  from  health,  or  tourism,  or  education,  from  our 
small-business  chamber,  and  our  minority  chamber. They 
all  supported  it.There  were  concerns  and  issues.  For 
example,  they  didn’t  want  it  to  be  built  with  city  dollars. 
Another  concern  was  obsolescence:  Would  the  net  gener¬ 
ate  enough  money  to  keep  it  up  to  date?  We  spent  consid¬ 
erable  time  discussing  that  and  coming  up  with  recom¬ 
mendations  to  generate  cash  flow  to  sustain  and  upgrade 
the  system  during  a  five-  to  seven-year  time  frame. 

What  options  did  you  consider  for  funding  this  wireless  LAN? 

We  considered  everything  from  public  access  organiza¬ 
tions  funded  by  grants  to  a  government-run  net  funded 
through  capital  dollars,  and  everything  in  between.  One 
option  is  a  private  consortium  model  —  you  pay  them  to 
build  it.  Or  the  public  utility  model:  to  run  it  like  a  water 
or  sewer  service.  Another  is  a  cooperative  wholesale 
model: The  government  or  a  nonprofit  contracts  to  have  it 
built,  then  using  a  wholesale  rate  structure,  have  ISPs  or 
other  providers  deliver  services  over  that  infrastructure.  ■ 
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Dianah  Neff 


City  of  Philadelphia 
455  employees 
$81  million 

B.A.  in  economics  and  marketing,  San  Jose  State,  MBA 
courses  at  UC  Berkeley. 

CIO  or  IS  director  at  several  cities,  including  Bellevue,  Wash 
Palo  Alto  and  San  Diego.  Before  working  in  govern¬ 
ment,  she  had  14  years’  experience  working  for  soft¬ 
ware  and  hardware  firms  in  Silicon  Valley. 


“My  department  is  responsible  for  one  of  the  most 
sophisticated  geographic  information  systems 
in  local  government  nationwide,  but  I  am 
personally  directionally  challenged." 

yr* 


1^  More  online!  www.nwfiision.com 

For  more  of  the  interview,  head  online.  DocFinder:  5537 
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UT  FEEL  FOR  THE  ACQUISITI 
TS  OF  LINUX  VS.  WINDOWS? 
HERE'S  A  DETAILED  ANALYSIS. 
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Source:  BearingPoint,  2004 
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A  recent  study  of  licensing  and  support  costs  conducted  by  BearingPoint, 
a  leading  independent  consulting  firm,  found  that  these  acquisition  costs 
for  Windows  Server™2003  are  comparable  to  Red  Hat  Enterprise  Linux  or 
Novell's  SUSE  Linux  Enterprise  Server  "despite  the  common  perception  that 
Linux  is  free  or  very  inexpensive."  However,  if  you  require  full  24x7  phone 
support  on  all  servers,  licensing  and  support  for  Windows  Server  2003  can 
cost  up  to  73%  less  than  Red  Hat  Enterprise  Linux*  over  five  years. 

For  the  full  study,  visit  microsoft.com/getthefacts 


Enterprise  Business  Scenario 


|  Windows  Server  2003  Full  Support  (24x7):  10%  of  servers  are  Enterprise  Edition,  90%  Standard  Edition 
|  Red  Hat  Full  Support  (24x7):  100%  of  servers  are  AS  Premium 

BS  Red  Hat  Limited  Support:  10%  of  servers  are  AS  Premium  (24x7),  90%  ES  Standard  (12x5) 


1  YEAR  3  YEARS  5  YEARS 


Windows 
Server  System 


•Red  Hat  Full  Support  (24x7)  estimates  based  on  case  where  100%  of  servers  are  Enterprise  Linux  AS  Premium.  Red  Hat  Limited  Support  estimates  are  based  on  case  where  10%  of  servers  are  Enterprise  Linux  AS  Premium  (24x7  phone 
support)  and  90%  are  Enterprise  Linux  ES  Standard  subscriptions  (9  a.m.-9  p.m.  EST  M-F  phone  support).  Windows  Server  estimates  are  based  on  case  where  10%  of  servers  are  Windows  Server  2003  Enterprise  Edition  and  90%  are 

Windows  Server  2003  Standard  Edition  (24x7  phone  support  on  all).  This  study  was  commissioned  by  Microsoft.  ©  2005  Microsoft  Corporation.  All  rights  reserved.  Microsoft,  Windows,  the  Windows  logo,  Windows  Server,  and  Windows 
Server  System  are  either  registered  trademarks  or  trademarks  of  Microsoft  Corporation  in  the  United  States  and/or  other  countries.  The  names  of  actual  companies  and  products  mentioned  herein  may  be  the  trademarks  of  their  respective  owners 


The  server  platform  of  choice 

just  got  better. 


Introducing  the  Inter  Xeori"  processor  with 
support  for  32-  and  64-bit  applications. 


Al 


server  platform  in  the  world  can  now  work  even  harder. 

And  new  platform  technologies  enable  increased  power  savings, 

flexibility  and  performance.  For  more 
information — and  more  choice — visit  intel.com/business. 


Support  for 
32-  and  64-bit 
applications 


Improved 

power-saving 

options 


Flexible  memory, 
I/O  and  storage 
configurations 


Intel 


@2004  Intel  Corporation.  Intel.  Intel  inside,  the  Intel  Inside  logo,  and  Intel  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  All  rights  reserved. 
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Cisco  poised  for  a  big  buyout  year 


BY  PHIL  HOCHMUTH 


Cisco’s  12  acquisitions  last  year  were  the 
most  for  the  network  giant  since  the  tech 
bubble  heyday  and  could  portend  even 
bigger  spending  in  2005. 

Only  13  days  into  the  new  year,  Cisco 
acquired  its  first  company  with  a  $450  mil- 


■  Nokia  has  introduced  a  set  of 
IPSecVPN  gateways  to  support 
handheld  devices  for  businesses  that 
want  to  secure  connections  with 
mobile  workers.  The  IPVPN  product 
family  supports  certain  Nokia  hand¬ 
helds  and  cellular  phones  based  on 
the  Symbian  operating  system  that 
logs  on  to  corporate  networks  via  Wi¬ 
Fi  Internet  connections.  This  means  a 
remote  user  would  have  to  be  in 
range  of  a  Wi-Fi  access  point,  either  at 
home,  at  work  or  at  a  public  hot  spot. 

The  gateways  also  support  Micro¬ 
soft's  VPN  client  software  found  on  its 
PC  operating  systems,  so  laptops  and 
even  wired  PCs  could  log  on  via  the 
gateways.  The  four  devices,  called 
IPVPN  5i,  lOi,  50i  and  lOOi,  support  a 
range  of  remote  users,  from  25  to 
10,000  tunnels,  at  prices  ranging  from 
$400  to  $10,000. 


lion  acquisition  of  wireless  LAN  (WLAN) 
switch  vendor  Airespace  last  week.  And 
analysts  don’t  expect  the  network  vendor 
to  stop  there.  A  recent  trend  of  IT  industry 
acquisitions  and  signals  from  Cisco  that  it 
is  looking  to  enter  new  markets  are  among 
the  signs  pointing  to  more  Cisco  buyouts. 

Observers  say  Cisco’s  acquisition  focus 
could  lean  toward  technologies  such  as 
protocol  offload  and  acceleration  wares, 
WLAN  (WLAN)  switching  and  manage¬ 
ment  software  platforms.  Analysts  also 
expect  John  Chambers  to  reveal  some  of 
his  much-touted,  but  as  yet  unnamed,  six 
new  advanced  technologies  the  company 
will  target  in  2005. 

Cisco  historically  has  been  an  acquisi¬ 
tion  ace,  building  its  market-leading  router, 
switch  security  and  VoIP  business  lines  on 
acquired  companies’  technology  Last  year, 
Cisco  acquisitions,  the  most  since  2001, 
were  worth  a  total  of  approximately  $805 
million.The  company  used  acquisitions  to 
enter  new  markets,  such  as  wide-area  stor¬ 
age  management,  and  to  augment  its  cur¬ 
rent  technologies  such  as  network  security, 
routing  and  VoIP 

“We  use  acquisitions  to  enter  new  mar¬ 
kets,  not  to  acquire  where  have  a  large  pres¬ 
ence  in  terms  of  positioning,”  Chambers 
said  at  the  company’s  analyst  conference 
last  month. With  $3.3  billion  in  cash, no  new 
market  is  out  of  reach  for  Cisco  to  buy  into. 


Keep  'em  hanging 

Chambers  also  has  kept  industry  watch¬ 
ers  hanging  since  he  mentioned  last  June 
that  Cisco  soon  would  announce  six  new 
advanced  technology  areas,  in  addition  to 
the  six  advanced  technologies  (non¬ 
switching  and  routing)  it  is  already  in¬ 
volved  in:  optical,  network  security  IP  tele¬ 
phony,  WLAN,  storage  networking  and 
home  networking.  When  Cisco’s  new  ad¬ 
vanced  technologies  are  named,  acquisi¬ 
tions  are  expected  to  follow  shortly. 

“There  is  a  reasonable  likelihood  that  at 
least  some  new  advanced  technology 
areas  could  be  software-centric,” said  Brant¬ 
ley  Thompson  of  Goldman  Sachs,  in  a 
recent  report  on  Cisco’s  acquisition  direc¬ 
tions.  “Recent  acquisitions  definitely  sug¬ 
gest  this  direction.” 

Almost  half  of  Cisco’s  acquisitions  last 
year  were  software-focused  companies. 
These  included  Protego  and  Perfigo,  secur¬ 
ity  management  and  enforcement  software 
makers;  Dynamicsoft,  which  makes  carrier 
VoIP  management  software;  desktop  secur¬ 
ity  software  maker  Twingo;  and  network 
management  vendor  Jahi  Networks. 

According  to  Thompson,  future  software 
acquisitions  and  new  technology  areas  for 
Cisco  could  include  applications  for  man¬ 
aging  video-on-demand  services,  network 
management  software  for  virtualizing  cor¬ 
porate  data  center  resources  (such  as  stor¬ 


Gisco's  expensive  habit 

An  uptick  in  acquisitions  last  year 
could  signal  a  big  2005  for  buyouts 
for  the  network  vendor,  analysts  say. 

Total  amount  spent  (in  billions) 

$12.75 


14 


2003  2004 


!  22  acquisitions 
!  2  acquisitions 
6  acquisitions 
i  4  acqusitions 
12  acquisitions 


SOURCE:  CISCO 


age,  processors  and  applications), and  new 
software  platforms  for  managing  how  carri¬ 
ers  deliver  services  to  business  customers. 

Cisco’s  buyout  of  Airespace  is  a  good  fit, 
according  to  some  analysts,  even  though 

See  Cisco,  page  22 


Trapeze  upgrade  eases  WLAN  mgmt 


■  Checkpoint  has  released  Version 
2.0  of  Gonnectra  software  for  its 
Web  security  that  try  with  the  same 
name,  adding  a  mechanism  to  check 
that  machines  attempting  to  join  an 
SSL  VPN  session  meet  security  poli¬ 
cies.  The  host-checking  software 
looks  for  updated  anti-virus  software 
and  firewall  settings,  while  scanning 
for  spyware.  The  new  software  also 
encrypts  data  on  the  remote 
machines  and  can  restrict  browser 
functions  to  make  sure  data  trans¬ 
ferred  during  an  SSL  session  doesn't 
escape  the  session  and  get  stored 
elsewhere  on  the  hard  drive.  The  soft¬ 
ware  is  also  available  to  be  installed 
on  customer-owned  servers  and 
ranges  in  price  from  $8,000  for  50 
users  to  $60,000  for  1,000  users. 


■  BY  JOHN  COX 

A  new  version  of  Trapeze  Networks’  wire¬ 
less  LAN  design  and  management  applica¬ 
tion  lets  administrators  configure  and  mon¬ 
itor  large  wireless  networks  more  easily 

In  Version  3.1  of  RingMaster,  Trapeze 
introduces  graphical  wizards  to  configure 
the  company’s  WLAN  switches  and  access 
points,  and  a  client/server  framework  for 
monitoring  WLANs  that  might  have  hun¬ 
dreds  of  devices,  including  clients. 

Despite  the  changes,  RingMaster  remains 
a  complex  application  that  requires  train¬ 
ing  to  use  its  many  features  effectively  one 
Trapeze  user  says. 

“RingMaster  is  a  complex  program,  and  it 
has  a  lot  of  capabilities  for  [WLAN]  design, 
site  management,  and  mobility  manage¬ 
ment,”  says  Chip  Greel,  senior  network 
architect  at  Finisar,  a  fiber-optic  subsystem 


vendor,  and  a  Trapeze  customer  in  Sunny¬ 
vale,  Calif.  “The  hardest  thing  is  to  under¬ 
stand  the  confluence  of  these  three  areas. . 
. .  It’s  not  the  kind  of  product  you  can  buy 
and  use  off-the-shelf  without  having  your 
hand  held  by  customer  support.” 

The  RingMaster  software  has  been  a  key 
element  of  Trapeze’s  WLAN  switch  offering 
from  the  beginning.  Users  can  import  a 
CAD  drawing  of  a  building,  select  some 
network  criteria,  and  the  software  will  cre¬ 
ate  a  map  that  shows  where  to  place  the 
Trapeze  access  points,  and  how  to  config¬ 
ure  them. 

Once  the  access  points  and  switches 
have  been  installed,  RingMaster  uses  the 
same  data  to  configure  these  devices.  It 
then  monitors  them,  and  the  entire  radio 
signal  environment,  using  the  original  data 
as  a  baseline  for  identifying  changes,  such 
as  an  unauthorized  access  point, a  drop-off 


in  performance  or  a  change  in  a  radio  sig¬ 
nal’s  strength. 

Trapeze  says  RingMaster  is  one  of  the  few 
WLAN  management  applications  that 
blends  a  range  of  features  into  one  pro¬ 
gram.  Some  rivals,  including  Cisco  and 
Airespace,  have  several  separate  applica¬ 
tions.  Aruba  Wireless  Networks,  another 
competitor,  has  a  somewhat  similar  prod¬ 
uct  in  RF  Director,  although  both  vendors 
emphasize  different  features. 

Version  3.1  has  added  a  set  of  graphical 
wizards  to  walk  administrators  through  the 
process  of  setting  up  the  Trapeze  switches 
and  access  points. 

Another  new  feature  is  automatic  verifi¬ 
cation.  RingMaster  now  checks  the  settings 
being  made  during  configuration. The  soft¬ 
ware  now  can  catch  a  mistake  during  the 
setup  process, and  suggest  a  fix.The  admin- 
See  Trapeze,  page  23 
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IPS  gets  bigger  role  in  spyware  defense 


■  BY  ELLEN  MESSMER 

Users  looking  to  get  a  handle  on 
the  spyware  scourge  are  getting 
help  from  traditional  intrusion- 
prevention  system  vendors  that 
are  starting  to  add  features  that 
block  spyware,  worms  and  other 
security  threats. 

McAfee  this  week  will  an¬ 
nounce  it  has  added  a  spyware¬ 
blocking  capability  to  its  Intru- 
Shield  network  IPS,  and  Tipping- 
Point  Technologies,  which  3Com 
acquired  last  month,  is  expected 
to  ship  a  high-speed  IPS  with 
spyware  protection  later  this 
quarter. 

So  far,  a  handful  of  vendors,  in¬ 
cluding  Blue  Coat  Systems,  have 
introduced  gateway-based  anti¬ 
spyware  products.  Spyware  pro¬ 
tection  —  a  growing  area  of  inter¬ 
est  of  corporations  plagued  by 
the  wide  variety  of  adware  and 
Trojans  —  is  more  available,  as 
desktop  software  products  from 
anti-spyware  start-ups,  some  anti- 
vims  vendors,  and  now  Microsoft, 
with  its  acquisition  of  Giant 
Company  Software  last  month, 
are  added. 

McAfee  —  which  refers  to  spy- 
ware  as  any  “potentially  unwant¬ 
ed  programs” —  will  make  its  first 
set  of  anti-spyware  signatures  for 


its  IntruShield  IPS  product  line 
available  to  customers  for  free. 

The  release,  available  this  week, 
will  focus  on  about  30  types  of  ad¬ 
ware  and  Trojans  considered  the 
most  prevalent  or  dangerous, 
including  Gator  and  ByteVerify 
The  company  plans  to  add  anti¬ 
spyware  updates,  just  as  it  might 
issue  updates  for  virus  or  worm 
signatures. 

McAfee  also  this  week  will  also 


announce  the  beta  version  of 
desktop  software  called  McAfee 
Anti-Spyware  Enterprise  Edition 
Module. 

The  software  scans  to  identity 
alert,  block  and  eliminate  spy- 
ware,  adware,  dialers,  key-loggers, 
Trojans  and  remote-access  tools. 
According  to  John  Bedrick,  group 
marketing  manager,  the  module 
detects  about  4,000  types  of  spy- 
ware.  Based  on  volume,  the  mod¬ 


ule  will  cost  $4.95  to  approxi¬ 
mately  $20.  McAfee  Anti-Spyware 
Enterprise  Edition  will  ship  later 
this  quarter. 

Meanwhile,  TippingPoint  also 
wants  to  handle  spyware  preven¬ 
tion  via  its  IPS. 

In  an  announcement  expected 
next  month,  TippingPoint  will 
unveil  the  high-speed  UnityOne- 
5000E  IPS  which  can  reach  5G 
bit/sec.  It,  too,  will  not  only  detect 


denial-of-service  attacks  and 
block  attacks,  but  it  also  will 
block  several  types  of  spyware. 

The  UnityOne-5000E  appliance, 
expected  to  ship  during  the  first 
quarter,  will  have  eight  gigabit 
Ethernet  ports  to  protect  four  net¬ 
work  segments.  A  source  at  Tip- 
pingFbint,  which  confirmed  plans 
for  the  UnityOne-5000E  appli¬ 
ance,  said  that  price  has  not  yet 
been  set.  ■ 


Cisco 

continued  from  page  21 

Cisco  is  already  dominant  in  the  enterprise 
WLAN  market.  Although  Cisco  announced  its 
Structured  Wireless-Aware  Network  (SWAN) 
architecture  this  year,  that  architecture  is  more 
expensive  to  deploy  and  less  secure  than  tech¬ 
nology  vendors  such  as  Aruba  Wireless  Net¬ 
works  offer,  some  observers  say 

Acquiring  Airespace  “makes  sense,”  says  Jon 
Oltsik,  a  senior  analyst  with  Enterprise  Strategy 
Group.  “Cisco  has  security  in  all  their  network 
products  except  wireless,  where  they  also  hap¬ 
pen  to  have  a  dominant  market  position.” 

Oltsik  says  that  another  area  where  Cisco 
could  acquire  is  in  network  integration  and 
management  services  —  a  market  it  broke 
into  last  fall  when  it  bought  VoIP  services  com¬ 
pany  NetSolve. 

Some  emerging  network  technologies  miss¬ 
ing  from  Cisco’s  menu  include  traffic  acceler¬ 


ation  in  data  centers  and  on  WAN  router  links, 
another  industry  analyst  says. 

“We’re  seeing  a  lot  of  interest  in  the  applica¬ 
tion  acceleration  market,”  says  Lawrence 
Orans,  principal  analyst  with  Gartner.  Vendors 
in  this  market  include  Redline  Networks, 
NetScaler  and  Crescendo  Networks.  Going 
beyond  server  load  balancing,  where  Cisco 
leads  the  market,  these  companies’  boxes 
offload  TCP  connection  processing  and  other 
tasks  from  servers  and  allow  for  better  appli¬ 
cation  performance. 

“If  you  think  about  what  some  of  these  com¬ 
panies  are  doing  with  TCP  connection  man¬ 
agement,  there’s  no  reason  why  that  can’t  be 
done  in  a  router  or  switch,”  Orans  says. 

Cisco  CTO  Charlie  Giancarlo  has  stated  spe¬ 
cific  interest  in  technology  for  accelerating 
XML  traffic  on  networks  using  Web  services. 
“Where  we  really  see  ourselves  going  is 
towards  full  message-based  routing  —  things 
like  XML  messages,”  Giancarlo  says. 


To  that  end,  XML  acceleration  and  security 
start-ups, such  as  Sarvega  and  DataFbwer,  are 
likely  targets,  Enterprise  Strategy  Group’s 
Oltsik  says. 

“Web  services  need  network-based  security 
authentication,  encryption  as  well  as  proces¬ 
sor  off-loading,”  he  says.  “DataFbwer  has  a 
bunch  of  real  networking  geniuses  working  on 
that  kind  of  thing.” 

Also  in  the  acceleration  realm,  Cisco  could 
acquire  companies  in  the  WAN  bandwidth 
optimization  market,  where  companies  such 
as  Perabit  and  Expand  Networks  are  leaders. 
These  vendors  make  boxes  that  compresses 
traffic  and  speeds  up  WAN  links. 

“Cisco  has  a  compression  module  for  its 
branch  office  routers,  but  these  newer  ven¬ 
dors  have  better  algorithms,”  Orans  says. 
“Cisco  is  letting  these  guys  into  their  network 
accounts,  and  it  doesn’t  have  to  be  that  way. 
I  don’t  know  why  they’ve  waited  to  get  into 
this  market.”  ■ 
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With  many  technologies, we’ve  had  to 
wait  through  many  “years  of”  —  as 
in  “this  is  the  year  of  VoIP” —  before 
vendors  finally  delivered  on  their  promis¬ 
es.  That  hasn’t  been  the  case  with  wireless 
LANs.  The  level  of  vendor  innovation  has 
been  nothing  short  of  astonishing,  with 
vendors  finding  solutions  for  range, 
throughput,  interference  —  you  name  it. 
With  all  that,  WLANs  have  become  a  mag¬ 
net  for  all  kinds  of  uses.  But  beware:  As  with 
any  system,  you  can  just  pile  on  applica¬ 
tions  without  understanding  the  impact. 

By  now,  we’ve  all  become  accustomed  to 
conducting  our  normal  business  —  data 
access,  e-mail,  file  transfer  —  across  our 
WLAN  connections.  And  while  we  are  not 
going  to  get  the  throughput  out  of  an 
802.1  lg  (rated  at  54M  bit/sec)  connection 
as  we  will  out  of  the  Gigabit  Ethernet  con¬ 
nection  that  comes  standard  on  more 
computers  (even  notebooks), the  freedom 
and  flexibility  we  get  more  than  makes  up 
for  any  trade-off  in  speed.  After  all,  few  of  us 
are  moving  multi-gigabyte  files  around  all 
day  anyway  So  far,  so  good. 

At  the  same  time,  the  “year  of  VoIP”  finally 
has  arrived  —  so  many  of  us  have  this  as 
our  standard  voice  interface.  And  VoIP  and 
WLANs  converge  almost  instantly 
Many  companies  offer  solutions  that  look 


Look  ahead  2005  -  avoid  WLAN  'pileups' 


like  traditional  telephone  handsets  but  are, 
in  fact,  native  Wi-Fi  devices.  SpectraLink  is 
one  of  the  early  innovators  in  this  area. 
These  systems  can  be  easily  integrated  into 
the  enterprise  WLAN  infrastructure. 

And  even  if  you  haven’t  gotten  to  that 
point  yet,  you  may  well  be  using  a  soft- 
phone  on  your  notebook  which,  when  you 
are  working  wirelessly,  will  traverse 
your  WLAN. 

VoIP  over-WLAN  (VoWLAN)  providers 
are  aware  of  the  importance  of  voice  — 
and  the  problems  that  congested  links  can 
bring.  Where  congestion  might  cause  your 
file  transfer  or  e-mail  sync  to  slow  down  or 
hang  briefly  (which  you  might  not  even 
notice),  that  same  congestion  could  shut 
down  your  voice  conversation  or  degrade 
the  quality  to  such  a  degree  that  you’ll  start 
telling  your  conversation  partner — “I’ll  call 
you  back  on  a  land  line.” 

Now  VoWLAN  vendors  (and  their  enter¬ 
prise  WLAN  switch  partners)  are  aware  of 
this  and  QoS  solutions,  mostly  proprietary 
today  with  standards-based,  will  follow. 

Good  thing,  because  an  “eveiything-over- 
WLAN”  movement  seems  to  be  building  up 
fairly  quickly  and  congestion  could  be 
more  than  just  a  “sometimes”  occurrence. 

Video  surveillance  over  IP  appears  to  be 
growing  rapidly,  too.  Certainly  the  hardware 
and  software  to  implement  such  a  solution 
is  readily  available  and  reasonably  inex¬ 
pensive.  And  with  a  post-Sept.  1 1  focus  on 
security  many  companies  are  implement¬ 
ing  or  upgrading  existing  security 

With  surveillance,  one  of  the  biggest  costs 
is  likely  to  be  running  cable  out  to  the  var¬ 


ious  far-flung  locations  at  your  building  or 
warehouse.  Thus,  using  802.11  wireless 
cameras  is  a  very  attractive  option.  But 
the  potential  of  literally  endless  video¬ 
streaming  (from  potentially  many  cam¬ 
eras)  could  eat  up  a  great  deal  of  the  rel¬ 
atively  little  —  and  shared  —  bandwidth 
that  one  access  point  offers. 

If  that  wasn’t  enough,  we  have  vendors 
like  Iomega  offering  storage  devices  with 
a  built-in  WLAN  interface.  Now  a  back¬ 
end  WLAN  device  can  find  itself  being 


Trapeze 

continued  from  page  21 

istrator  simply  clicks  a  button  to  make  the 
change. 

Trapeze  also  has  revamped  its  configura¬ 
tion  features  for  the  new  version.  One 
change  is  the  introduction  of  what 
Trapeze  calls  distributed  monitor  servers. 
These  are  software  programs  that  can  be 
loaded  on  servers  around  a  campus  or  in 
remote  offices.  Several  administrators  can 
access  these  servers  from  PCs  anywhere 
on  the  network. The  servers  continuously 
monitor  the  WLAN  infrastructure  and 
clients,  which  now  can  number  hun¬ 
dreds,  or  even  thousands,  according  to 
Bruce  Van  Nice,  vice  president  of  market¬ 
ing  at  Trapeze. 

“It’s  a  cool  feature,  for  sure,“  Finisar’s 
Greel  says.“If  you  have  three  or  four  peo¬ 
ple  managing  [the  WLAN] ,  which  you’d 
need  in  a  really  big  mobility  domain,  then 
it  would  be  really  useful.” 


pummeled  perhaps  by  dozens  of  clients 
hardwired  to  the  company  Fast  Ethernet 
or  Gigabit  Ethernet  network. 

So  leverage  your  WLAN  but  be  acutely 
aware  of  the  network  characteristics  of 
devices  and  applications  you  layer  on. 
Avoid  a  WLAN  pileup. 

Tolly  is  president  of  The  Tolly  Group,  a 
strategic  consulting  and  independent  test¬ 
ing  company  in  Boca  Raton,  Fla.  He  can  be 
reached  at  ktolly@toliy.com. 


With  this  client/server  framework,  there 
is  now  also  one  window,  dubbed  the 
dashboard,  that  consolidates  all  of 
RingMaster’s  monitoring  functions. 
Previously,  the  software  had  separate 
monitoring  tools,  each  with  a  separate 
user  interface. 

With  these  monitoring  changes,  admin¬ 
istrators  now  can  open  windows  that 
show  WLAN  activity  for  specific  access 
points  and  their  associated  clients,  or 
even  individual  client  devices,  anywhere 
on  the  WLAN, Van  Nice  says. 

A  greatly  expanded  reporting  capability 
is  also  new.  RingMaster  can  store  and  ana¬ 
lyze  data  for  the  WLAN  over  as  long  as  30 
days.  Administrators  can  run  a  variety  of 
ready-to-use  reports  to  see  trends  in  per¬ 
formance,  traffic,  radio  behavior,  client 
activity  and  the  like. “It’s  a  huge  improve¬ 
ment,”  Greel  says. “There’s  more  flexibility 
and  more  detail  [in  reports] .” 

Pricing  starts  at  about  $2,000  for  up  to 
five  Trapeze  switches.  ■ 


The  only  effective  security  is  preemption.  This  preemptive  power  is  only  available 
with  the  Proventia™  ESP  Security  Platform  from  Internet  Security  Systems.  When  software  security 
flaws  are  discovered,  Internet  Security  Systems’  world-renowned  research  team  updates 
Proventia  to  immediately  shield  against  any  attacks  targeting  weak  spots.  Regardless 
of  the  size  of  your  business,  this  new  standard  in  Internet  security  can  help  keep 
you  off  the  path  to  disaster  and  reduce  your  total  cost  of  ownership  -  In  fact,  when 
we  manage  Proventia  for  you,  we'll  even  guarantee  protection.  Need  proof? 
Get  your  free  whitepaper,  Preemptive  Protection:  Setting  a  New  Standard  in  Security, 
at  www.iss.net/proof/wp  or  call  800-776-2362. 
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m  BY  TIM  GREENE 

While  mobile  VoIP  technology  is  finding  a  home  in 
hospitals  and  manufacturing  plants  where  work¬ 
ers  need  to  stay  connected  as  they  roam,  rollouts 
still  require  painstaking  work,  users  say 
At  San  Antonio  Community  Hospital  in  Upland,  Calif., 
VoIP  is  second  on  the  list  of  applications  being  imple¬ 
mented  over  the  facility’s  Wi-Fi  network  —  right  after 
bedside  and  operating-room  computer  access  to  patient 
records  and  X-rays,  says  Irv  Hoff,  the  hospital’s  manager 
of  converged  networks. 

True  mobility  and  cost  were  major  concerns  Hoff  had 
to  overcome  about  Wi-Fi,  but  he  is  now  convinced  the 
technology  meets  his  needs.  Still  to  be  worked  out: 
details  of  deploying  VoIP  to  avoid  problems  such  as  calls 
dropping  between  access  points  and  barriers  within 
buildings  blocking  calls.“We  want  the  quality  of  the  call 
to  be  equal  to  what  you  expect  from  a  wired  phone, 
given  that  we  control  the  environment,”  Hoff  says. 

The  problems  are  complex  because  VoIP  over  Wi-Fi 
combines  the  issues  of  wireless  LANs  (WLAN)  with 
those  of  IP  telephony.  As  WLANs  for  data  become  more 
and  more  accepted,  so  will  VoIP  over  Wi-Fi,  says  Will 
Stofega,  an  analyst  with  IDC,  but  the  potential  problems 
with  VoIP  must  be  dealt  with  first.“If  there  is  packet 
delay  or  loss,  you  hear  it  with  VoIP,”  Stofega  says.  And  as 
Wi-Fi  VoIP  phones  proliferate,  phone  calls  will  boost  the 
demand  on  wireless  networks.“If  you  give  people  mobil¬ 
ity  on  the  LAN,  you  have  to  increase  the  number  of 
access  points,”  he  says. 

Despite  such  issues,  Wi-Fi  networks  are  growing,  with 
worldwide  sales  of  wireless  mobile  network  infrastruc¬ 
ture  gear  projected  to  rise  from  about  $43  billion  last 
year  to  $49  billion  by  the  end  of  2008,  according  to 
IDC.  As  network  executives  get  comfortable  running 
data  over  these  networks,  they  will  increasingly  add 
VoipStofega  says.  At  the  moment,  VoIP  over  Wi-Fi  use  is 
very  limited.  As  the  technology  advances  to  make  its 
use  easier  and  to  assure  voice  quality,  that  use  will 
increase,  he  says. 

Vendors  selling  access  points  and  switches  capable  of 
supporting  VoIP  include  Airespace  (which  is  being 
bought  by  Cisco),  Aruba  Wireless  Networks,  Cisco, 
Siemens  and  Trapeze  Networks.  According  to  Siemens, 
the  top  users  are  hospitals,  retail  stores,  manufacturers 
and  warehouses. 

Keys  to  deployment 

For  Hoff,  the  first  step  is  making  sure  access  points  in 
the  hospital  cover  every  location  an  end  user  might  go 
in  the  building.Then  he  has  to  make  sure  there  are 
enough  overlapping  access  points  to  support  the  likely 
load  of  simultaneous  users  without  denying  service  to 
any  of  them.  He  is  using  Trapeze  gear  and  a  tool  the 
company  provides  called  RingMaster  that  maps  build¬ 
ings  and  the  effective  penetration  of  Wi-Fi  frequencies 
through  walls,  floors,  doors  and  windows. 

This  is  a  particularly  big  issue  in  hospitals,  where  reno¬ 
vations  that  change  the  configuration  of  walls  are  com¬ 
mon,  but  also  because  some  of  these  walls  are  shielded 
to  block  X-rays  and  are  therefore  unfriendly  to  Wi-Fi 


transmissions,  as  well. “We  do  a  lot  of  remodeling  —  new 
partitions,  new  offices,”  Hoff  says.  It’s  an  ongoing  process, 
so  as  the  hospital  makes  changes  it  records  them  in 
RingMaster,  which  identifies  new  blind  spots.Then 
access  points  are  reconfigured  to  get  around  them. 

Load  balancing  among  access  points  is  key  to  effi¬ 
cient  distribution  of  calls,  vendors  say.  Airespace 
access  points,  for  one,  distribute  users  evenly  in  envi¬ 
ronments  where  they  might  be  within  range  of  several 
devices  at  the  same  time.  Without  this  feature,  user 
gear  would  vie  for  entry  to  the  access  point  with  the 
strongest  signal.  Siemens  says  its  next  round  of  devices 
will  include  this  feature. 


What's  hotP 

By  the  end  of  2007,  there  will  be  a  total  of  about 
182,000  hot  spots  worldwide,  making  use  of  VoIP 
wireless  phones  by  mobile  workers  more  likely. 
The  U.S.  will  have  60,600  of  these,  according  to  IDC. 


Rest  of  world 


Assuming  there  are  enough  access  points  to  guaran¬ 
tee  coverage,  network  executives  have  to  ensure  fast 
handoffs  between  devices  as  callers  walk  in  and  out  of 
range  of  different  sites.The  switchover  has  to  take  less 
than  50  milliseconds  or  callers  can  hear  it  —  this 
means  careful  network  design  is  essential.  For  instance, 
with  voice  and  data  running  on  the  same  network,  the 
handoffs  can  take  from  a  half  second  to  10  seconds, 
with  the  presence  or  absence  of  data  on  the  network 
affecting  the  time  unpredictably,  according  to  Network 
World  Clear  Choice  testing  (see  www.nwfusion.com, 
DocFinder:  5535). 

Beyond  network  performance,  any  use  of  VoIP  over 
Wi-Fi  should  include  an  evaluation  of  voice  quality.“Do 
you  want  to  be  on  a  call  with  a  client  and  barely  be 
able  to  hear?”  Stofega  says. 

Future  roaming  outside 

While  roaming  within  a  building  might  be  good 
enough  for  staff  inside  a  hospital,  salespeople  that  roam 
the  country  also  can  benefit  from  wireless  VoIP  phones 
and  save  customers  money,  says  Keith  Waryas,  an  ana¬ 
lyst  with  IDC. 

Using  VoIP  wireless  phones  or  even  VoIP  softphone 
software  on  a  wireless  PC  can  turn  public  hot  spots  into 


havens  where  users  can  avoid  dipping  into  cellular 
minutes  where  expensive  residential  rates  might  apply, 
according  to  Waryas. 

“Most  business  users  are  getting  reimbursed  by  their 
companies  for  use  of  their  personal  cell  phones,”  he 
says.  So  a  company  would  issue  a  VoIP  wireless  phone 
to  roving  users  and  receive  fewer  expense  reports  for 
cell  phone  reimbursement. 

A  key  limiting  factor  that  remains  is  the  number  of 
public  hot  spots  available,  although  the  number  is  grow¬ 
ing  rapidly  (see  graphic). 

Even  when  there  are  enough,  corporations  would  have 
no  control  over  the  design  and  management  of  public 
hot-spot  networks,  so  quality  could  suffer.  Also,  users 
would  have  to  carry  around  two  phones  apiece  —  one 
for  Wi-Fi,  the  other  for  cellular  if  they  want  to  stay  in 
range  all  the  time.  Apparently,  though,  service  providers 
think  enough  customers  will  want  these  Wi-Fi  phones  to 
support  new  services.  VoIP  service  provider  Vonage 
recently  announced  a  service  supporting  Wi-Fi  phones 
(DocFinder:  5534).  And  Net2Phone  is  about  to  market  a 
similar  service  in  the  U.S.  after  initiating  it  in  Canada. 

Motorola,  in  conjunction  with  partners,  is  field  testing 
the  first  dual-mode  wireless  phones,  access  points  and 
PBXs  that  let  users  make  or  receive  calls  on  corporate 
Wi-Fi  networks  and  continue  them  on  GSM  networks  as 
they  move  out  of  Wi-Fi  range. 

So  a  doctor  starting  a  phone  conversation  in  the  hospi¬ 
tal  via  Wi-Fi  could  walk  out  of  the  building,  get  in  a  car 
and  drive  away  but  continue  the  call  because  the  net¬ 
work  flipped  it  over  to  a  cellular  network. 

Systems  involving  Motorola  hybrid  phones  require  use 
of  Avaya  PBXs  and  Proxim  access  points  to  coordinate 
the  handoff  of  calls,  and  are  touted  as  a  way  for  busi¬ 
nesses  to  save  on  cellular  costs.  Businesses  would  buy 
the  phones  and  set  up  corporate  cellular  accounts, 
which  would  let  them  negotiate  lower  cellular  rates 
than  their  employees  would  individually. 

The  phones  can  only  tap  into  specific  Wi-Fi  networks 
that  must  include  Motorola  presence  servers  that  keep 
track  of  where  users  are. 

Service  providers  could  offer  a  managed  service 
based  on  this  technology  Waryas  says  he  expects  at 
least  one  major  U.S.  carrier  to  announce  one  by  sum¬ 
mer.  This  could  give  users  seamless  transition  from  cel¬ 
lular  to  Wi-fi  at  public  hot  spots. 

One  hospital  telecom  manager,  who  would  speak  only 
if  he  was  not  identified,  is  considering  the  technology 
and  had  a  concern  about  billing.He  says  he’d  want  to 
know  how  the  network  decides  which  mode  to  use  and 
whether  there  would  be  a  fee  for  calls  received  on  the 
Wi-Fi  network. 

Advocates  of  this  type  of  service  say  businesses  will 
be  able  to  negotiate  good  cellular  deals  because  they 
will  need  large  buckets  of  calling  minutes.  Waryas  says 
he  thinks  such  services  will  allow  for  setting  up  least- 
cost  routing  to  keep  the  cost  down. 

If  billing  isn’t  a  problem,  these  dual-mode  services 
could  relieve  some  of  the  Wi-Fi  coverage  issues  within 
buildings,  Waryas  adds.  If  a  user  wandered  into  a  dead 
spot  within  a  building,  the  call  would  continue  as  a  cell 
call  rather  than  drop,  he  says.H 


Veritas  customers  wary  of  merger 

Symantec  takeover  raises  support  questions. 


VMware  tunes 
virtualization 
for  laptop  and 
desktop  PCs 

■  BY  JENNIFER  MEARS 

The  WP  Cary  School  of  Business  at  Ari¬ 
zona  State  University  in  Phoenix  wants  to 
make  sure  its  MBA  students  stay  connect¬ 
ed.  IT  managers  there  also  want  to  make 
sure  the  school’s  network  stays  secure. 

So  for  the  past  few  years,  the  school  has 
used  VMware’s  Workstation  product,  which 
creates  isolated  virtual  computing  en¬ 
vironments  that  include  an  operating  sys¬ 
tem,  applications,  data  and  security,  in  a 
software  file  on  the  computer. 

The  trouble  is  that  Workstation  was  com¬ 
plex  and  required  technical  expertise.This 
became  a  burden  as  the  school  looked  at 
launching  virtual  machine  software  on 
hundreds  of  personal  laptops  and  PCs. 

“We  wanted  a  lighter-weight  version  of 
Workstation,”  says  Scott  Worthington,  tech¬ 
nology  support  analyst  senior  [sic]  at  ASU. 

Worthington  also  wanted  a  more  fine 
grained  way  to  secure  and  manage  the  vir¬ 
tual  machines  running  on  the  end-user 
devices. 

What  he  got  was  VMware  ACE  (Assured 
Computing  Environment),  a  product  that 
takes  VMware’s  virtualization  expertise  and 
brings  it  to  x86-based  personal  laptops  and 
PCs,  while  giving  IT  administrators  the  abil¬ 
ity  to  tightly  control  and  manage  what  kind 
of  access  users  have  from  their  client 
devices. 

With  ACE,  an  IT  desktop  manager  can 
set  policies  for  a  virtual  machine  and 
then  give  end  users  a  DVD  that  they  load 
onto  their  PCs. 

See  VMware,  page  26 


■  BY  DENI  CONNOR 

Security  vendor  Symantec  has  taken  a 
beating  on  Wall  Street  since  announcing 
plans  in  December  to  buy  storage  man¬ 
agement  company  Veritas  Software  for 
$13.5  billion.  But  perhaps  an  even  more 
skeptical  crowd  awaits  Symantec  in  the 
form  of  Veritas  customers. 

The  major  concern  about  a  dozen  joint 
Symantec/Veritas  customers  expressed 
when  Network  World  contacted  them  cen¬ 
ters  around  how  Symantec  will  support 
them  once  the  companies  unite. 

Customers  praised  Veritas  support  as 
clean  and  simple,  while  castigating  Sym¬ 
antec  for  slow  support  not  worthy  of  enter¬ 
prise  network  customers. 

“The  [Veritas]  Web  site  is  full  of  data  and 
the  search  of  the  user  forums  is  integrated,” 
says  Ed  Cetron,  managing  partner  for  Tech¬ 
nologies  International  in  Atlantic  High¬ 
lands,  N.J.,  which  uses  Veritas  Volume  Man¬ 
ager  and  Backup  Exec,  and  Symantec’s 
Norton  Antivirus  Corporate  Edition.  “Tech 
support  [and  beta-test  support]  has  always 
been  from  people  who  apparently  care.” 

Symantec,  on  the  other  hand,  has  always 
been  standoffish,  Cetron  says.  “The  tech 
support  has  been  mediocre,  and  I’ve  never 
gotten  the  feeling  that  they  are  anything 


Takes 

■  Advanced  Micro  Devices  will  be 
gin  putting  3-D  holographic  labels  on 
the  packaging  of  boxed  processors  so 
that  customers,  resellers  and  distribu¬ 
tors  can  verify  the  authenticity  of  the 
chips,  the  company  said  last  week. 

The  move  came  less  than  a  week 
after  AMD  said  police  had  seized  a 
number  of  its  chips  from  an  illegal  re¬ 
marking  operation  in  Taiwan.  The  holo¬ 
graphic  label  will  appear  on  the  bot¬ 
tom  left  corner  of  the  packaging  for 
boxed  Athlon  64  FX,  Athlon  64,  Sem- 
pron  and  Opteron  chips,  the  company 
said.  System  builders  and  PC  buyers 
choosing  their  own  components  often 
purchase  AMD’s  boxed  processors. 

■  NSI  Software  has  enhanced  its 


but  a  commodity  supplier;”  he  says. 

David  Lipman,  a  former  senior  engineer 
for  Lockheed  Martin  Information  Technol¬ 
ogy  in  Alexandria,  Va.,  expresses  similar 
sentiments. 

“Veritas’  technical  support  is  far  superior 
—  this  includes  Veritas  hosting  a  private, 
non-UseNet  news  server]’ he  says. 

“A  company, small  or  large,  can’t  wait  days 
to  weeks  to  get  a  solution  if  there  is  a  prob¬ 
lem,”  says  Lipman,  who  has  used  both 
Symantec’s  Norton  Ghost  software  and  Ver¬ 
itas’  Backup  Exec.“Veritas  is  much  more  in¬ 
tune  to  assisting  its  user  base.” 

Symantec  denies  having  systematic  prob¬ 
lems  in  its  support  organization  and  notes 
that  about  one-third  of  its  6,000  employees 
are  dedicated  to  technical  support. 

“The  [amount  of  time  these  users  say  it 
takes  to  respond]  is  totally  inaccurate,” says 
Don  Oldenburg,  senior  director  of  global 
support  for  Symantec.  “On  the  consumer 
side,  the  average  response  time  to  service 
requests  is  18  hours.  I  have  talked  to  a  lot  of 
customers  on  a  daily  basis,  and  that  cer¬ 
tainly  isn’t  the  norm.  Ninety-five  percent  of 
our  customers  are  ‘satisfied’  or  Very  satis¬ 
fied’  with  our  support.” 

Symantec  recommends  that  midsize  to 
large  enterprise  network  customers  sign 
monthly  Premium  Platinum  or  Global 


business-continuity  software  for 
Microsoft  Cluster  Server  implementa¬ 
tions.  GeoCluster  4.4  data  replication 
software  now  includes  data  compression, 
e-mail  notification  of  errors,  improved 
resource  management  and  Microsoft 
certification.  Intelligent  data  compres¬ 
sion  reduces  the  amount  of  network 
bandwidth  used  when  replicating  data 
across  distances.  GeoCluster  4.4  starts 
at  $4,500. 

■  ManageSoft  announced  that  it  has 
expanded  the  capability  of  its  deployment 
and  updating  software  to  include  mach¬ 
ines  running  Apple's  Mac  OS  X  operating 
system.  Managesoft  already  supported 
Windows,  Unix  and  Linux  environments. 
The  software  lets  IT  administrators  de¬ 
ploy,  update  and  apply  patches  and  re¬ 
motely  manage  desktop  computers  and 
servers.  ManageSoft  costs  $72  per  device 
managed. 


Aid  package 

Symantec  is  expected  to  extend 
its  support  model  to  Veritas 
enterprise-class  products. 

Premium  Platinum  Support 

•  24/7  live  support 

•  Unlimited  number  of  calls 

•  Secure  logon  to  support  Web  site 

•Technical  account  manager 

•  Proactive  communication 

•  Numerous  contacts 

Global  Premium  Platinum  Support 

•Customized  level  of  service 

•Dedicated  support 

Premium  Platinum  contracts,  where  the 
response  time  can  be  immediate. 

Symantec  says  its  Premium  Platinum  or 
Global  Premium  Platinum  support  con¬ 
tracts  for  products  such  as  its  Enterprise 
Firewall  8.0  for  Windows  or  its  Antivirus 
Corporate  Edition  include  24/7  support,  an 
unlimited  number  of  service  requests  and 
a  technical  account  manager.  IT  comple¬ 
ments  these  contracts  with  Web-based 
knowledgebases,  e-mail  notification  ser¬ 
vices  and  software  upgrades. Veritas  offers 
support  contracts  that  promise  many  of  the 
same  benefits. 

Symantec  declined  to  say  how  its  support 
programs  might  change  once  the  Veritas 
acquisition  is  sealed,  most  likely  in  March. 
Neither  has  it  outlined  how  the  compa¬ 
nies’  products  will  be  merged  or  which 
products  might  be  ditched. 

One  customer  seemingly  unfazed  by  the 
joining  of  Symantec  and  Veritas  noted  that 
they  both  have  established  support  chan- 
nels.“l  do  not  foresee  much  change,  if  at  all, 
in  the  way  Veritas  supports  its  customers,” 
says  Jim  Miskovsky  director  of  IT  for  law 
firm  Fischer  &  Phillips  in  Atlanta. 

Paul  Erickson,  vice  president  of  Trade- 
show  Multimedia  in  Mayfield  Village,  Ohio, 
says  he  hopes  Symantec  will  take  support 
pricing  into  consideration  as  it  works 
through  the  merger. 

“Their  attitude  toward  pay-only  support 
for  even  simple  product  activation  prob¬ 
lems  is  frustrating,”  he  says.Try  calling  their 
support  phones  sometime  and  navigating 
the  support  tree  and  getting  anywhere 
without  putting  in  a  credit  card  number’  ■ 


More  online! 


Don't  miss  your  chance  to  touch,  see  and  harvest  70 
of  the  world’s  most  promising  innovations  before 
anyone  else  at  the  Demo@15!  show  on  Feb.  13-15 
in  Scottsdale,  Ariz. 
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McNealy: 


Chairman  and  CEO  weighs  in  on  open 
source  and  building  complete  systems. 

Sun  is  staying  the  course  on  some  things,  like 
building  hardware  and  software  systems,  but 
making  twists  in  other  areas,  such  as  open 
sourcing  Solaris.  Sun  Chairman  and  CEO  Scott 
McNealy  spoke  recently  about  what's  ahead  for 
the  company  with  IDG  News  Service 
Correspondent  Robert  McMillan. 


Sun  has  made  a  lot  of  interesting  changes  in  the  last 
year.  What  has  been  a  real  success? 

We  have  lowered  the  cost  model  big  time  in  the 
company,  and  we  have  improved  operating  contri¬ 
bution  significantly  We’re  on  the  right  track  with  util¬ 
ity  computing,  with  our  community  development 
strategy  Our  Opteron  story  is  very  exciting.  Our  chip- 
multi-threading  story  is  going  to  break  here  very 
soon,  and  that’s  going  to  be  very  exciting.  Open 
sourcing  Solaris  is  a  big  deal. The  momentum  with 
Java  is  a  story  that  people  are  now  just  taking  for 
granted,  but  it  is  a  stunning  achievement. 

But  what  do  you  think  will  be  the  big  hit  for  Sun  in  2005? 

Well,  imagine  we  hadn’t  done  Java  10  years  ago, 
where  do  you  think  Sun  would  be  today?  It  would 
be  all  Windows.  We’d  be  done.  If  people  aren’t  writ¬ 
ing  Java  Web  services,  they’re  writing  to  .Net.  If 
they  write  to  .Net,  they  write  to  Windows.  If  they 
write  to  Windows,  they  don’t  write  to  Sun  equip¬ 
ment.  So  people  ask, ‘Well,  how  come  you  didn’t 
monetize  Java?’ Wait  a  second,  there’s  $7.4  billion 
cash  in  the  bank  since  we  launched  Java.  Just 
because  we  didn’t  charge  for  it?  . . . 

It’s  like  saying  HP  doesn’t  make  much  money  on 
printers  —  they  make  it  all  on  printer  cartridges. 
There  are  different  ways  to  create  the  market  and 


’ll  keep  doing  software  and  hardware 


monetize  it.  And  so  you’re  asking  the  question: 
‘How  are  you  going  to  monetize  the  market  going 
forward?’ Well,  sometimes  you  don’t  share  that 
[information]. 

Some  developers  have  called  for  Sun  to  open  source  an 
implementation  of  the  Java  Virtual  Machine.  Why  haven't 
you  done  that? 

Mainly  because  the  Java  Community  Process  was 
there  from  the  beginning.  We’ve  got  over  900  corpo- 

IfcOpen  sourcing 
Solaris  is  a  big 
deal.!) 

Scott  McNealy 

Chairman  and  CEO,  Sun 


rations  and  organizations  who  are  part  of  the  Java 
Community  Process. There’s  just  not  a  community 
development  issue  there,  and  I’m  not  sure  what 
problem  it  solves.  We ’re  happy  to  adjust  and  modify 
the  Java  Community  Process.You  can  still  do  open 
source  or  proprietary  implementations  of  any  Java 
technology  on  your  own. There’s  a  certification 
process.  We  don’t  want  to  fix  something  that’s  not 
broken  at  this  point. 

In  that  vein,  what  problem  does  open  sourcing  Solaris 
solve? 

We  don’t  have  a  Java-like  Community  Process 
setup  for  evolving  it,  and  we  don’t  have  access  to 
the  source  code  for  developers  to  get  access  to  it. 
That’s  the  big  difference.  There  is  no  encumbered 
code  in  Java. 


Sometimes  it  seems  as  though  Sun  is  trying  to  become  a 
software  and  services  company.  What  has  convinced  you 
to  keep  investing  in  these  multicore  UltraSparc  chip 
designs  like  the  upcoming  Niagara  processor? 

Companies  that  don’t  do  microprocessors  and 
core  systems  development  have  all  lost  money, 
except  one:  Dell.  Every  one  of  them  has  lost  money 
reselling  somebody  else’s  microprocessor. 

Why  is  that? 

Because  the  money  is  in  the  system.  In  the  end,  it’s 
kind  of  like  Ford  would  have  a  hard  time  OEMing 
Chevy  drive  trains. You  can’t  go  to  Fisher  Body  as  Ford 
and  expect  to  make  money  on  the  upholsteryYou 
can  go  build  a  car  out  of  50  different  suppliers’  com¬ 
ponents,  or  you  can  buy  a  Ford.  And  I’ll  bet  you  the 
Ford  will  be  a  better  price  performance  maneuver. 
That’s  why  we  do  it.  We  can  do  that,  actually  with  a 
very  small,  focused  design  team  that  is  very  tightly 
integrated. To  us,  it  is  more  important  that  the  chip 
architecture  be  integrated  with  the  computer  and  the 
operating  system,  and  the  Web  services  and  network 
stacks,  than  be  affiliated  with  the  silicon  process. 

With  Lenovo  Group  acquiring  IBM's  PC  business,  it  seems 
that  there  are  two  ways  of  looking  at  this.  The  other  is 
that  Silicon  Valley  may  eventually  go  the  way  of  Detroit 
with  more  of  the  things  that  are  done  here  moved  off¬ 
shore.  What  is  the  R&D  that  was  in  the  IBM  PC  business? 

They  didn’t  do  any  software;  they  didn’t  do  any 
disk  drives;  they  didn’t  do  the  power  supplies;  they 
didn’t  do  the  sheet  metal;  and,  the  last  time  I  looked, 
they  didn’t  have  any  steel  plants  over  there.They 
didn’t  mold  their  own  plastic;  they  didn’t  do  the 
motherboards  —  those  were  all  built  by  Intel  — 
they  didn’t  do  the  microprocessor.  All  they  did  was 
some  order  taking  and  some  final  logistics.That’s 
what  the  PC  business  is  all  about  today  for  anybody 
who’s  not  Intel  or  Microsoft.  ■ 


Cisco,  EMC  team  on  storage 


■  BY  DENI  CONNOR 

Cisco  and  EMC  last  week  announced 
a  deal  that  will  let  customers  buy  EMC’s 
network-attached  storage  arrays  with 
Cisco’s  File  Engine  appliances. 

Cisco  will  re-brand  the  EMC  NS500 
and  NS700  Series  NAS  subsystems  and 
sell  them  with  remote-office  storage 
consolidation  technology  that  it 
acquired  from  Actona  last  June. 

In  a  typical  configuration,  an  NS500 
or  NS700  would  be  placed  in  a  data 
center,  where  it  would  attach  to  a  Cisco 
File  Engine  FE511.The  FE511  would 
communicate  with  other  FE511  appli¬ 
ances  located  in  remote  offices  and 
transfer  file  changes  to  a  data  center, 
where  data  could  be  backed  up  and 
protected. 

The  package  differs  in  intent  from 
EMC’s  OnCourse  software.  OnCourse  is 


not  a  branch-office  connectivity  pack¬ 
age;  it  is  used  primarily  for  transferring 
regularly  occurring  files,  such  as  parts 
lists,  to  branch  or  remote  offices. 

This  is  not  the  first  collaboration 
between  EMC  and  Cisco.  EMC  makes 
Cisco’s  MDS  9000  Multilayer  Director 
switches  under  an  OEM  agreement. 
The  companies  also  offer  joint  disaster- 
recovery  and  business-continuity  ser¬ 
vices  to  customers. 

The  Cisco  File  Engine  costs  $12,000; 
an  NS500  with  IT  byte  of  capacity 
costs  $40,000;  and  an  NS700  with  2T 
bytes  of  capacity  costs  $137,500. 

The  package  is  scheduled  to  be  avail¬ 
able  in  the  second  quarter.  ■ 

Cisco  will  package  EMC  NS500  and  NS700 
Series  NAS  subsystems  (as  shown  here) 
with  its  own  remote-office  storage  consoli¬ 
dation  technology. 


VMware 

continued  from  page  25 

“I  really  consider  [ACE]  to  be  a 
kind  of  media  player  because 
that’s  all  it  does.  It  simply  plays  the 
image,”  says  Worthington,  who 
provided  user  input  to  VMware 
during  the  creation  of  ACE  and 
was  one  of  more  than  1 ,000  users 
who  beta-tested  the  software  this 
fall. VMware  began  shipping  ACE 
in  December. 

Analysts  say  VMware  ACE  is  a 
natural  extension  for  the  compa¬ 
ny  that  specializes  in  virtualiza¬ 
tion  software  on  servers.  A  sub¬ 
sidiary  of  EMC,  VMware  sees  vir¬ 
tualization  as  an  enterprise-wide 
strategy  they  say. 

“VMware  looks  at  ACE  as  a  very 
strategic  capability  that  will 
allow  incrementally  over  time 
the  construction  of  a  completely 
virtual  environment  where  re¬ 


sources  and  applications  move 
around  to  best  meet  service 
requirements  and  work  around 
failures  in  the  environment,”  says 
Dan  Kusnetzky  vice  president  of 
system  software  at  IDC. 

Kusnetzky  says  others,  such  as 
Microsoft  with  Virtual  PC  and 
SWsoft  with  Virtuozzo,  have  vir¬ 
tual  machine  technology. 

“But  what  VMware  has  done  is 
they’ve  added  on  to  the  virtual 
machine  technology  a  way  for 
the  virtual  machine  to  be  en¬ 
crypted  and  controlled,  “  he  says. 
“The  others  have  the  virtual 
machine  technology,  but  they 
haven’t  built  all  the  management 
tools  on  it  just  yet.“ 

VMware  ACE  Starter  Kit, 
which  includes  ACE  Manager 
and  four  VMware  ACE  client 
licenses,  costs  about  $1,000. 
Additional  client  licenses  are 
$99  each.  ■ 
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■  Companies  willing  to  trade  in  com¬ 
peting  Web  conferencing  products  can 
get  a  discount  on  IBM’s  Lotus  Web 
Conferencing  software.  With  a  trade- 
in,  companies  are  eligible  for  25%  off 
IBM's  current  suggested  retail  price 
for  Lotus  Web  Conferencing.  The  deal 
pertains  to  companies  that  purchase 
licenses  for  the  IBM  software  or 
arrange  for  services-based  delivery  of 
the  software,  IBM  says. 

■  SAP  has  acquired  software  start-up 
iLytix  Systems,  which  makes  a  re¬ 
porting  and  budgeting  tool,  and  will 
use  its  technology  in  a  new  version  of 
SAP's  Business  One  applications  suite 
that  was  announced  last  week.  Busi¬ 
ness  One  is  a  broad  suite  of  applica¬ 
tions  aimed  at  smaller  businesses.The 
upgrade  adds  new  materials  require¬ 
ment  planning  capabilities  and  en¬ 
hancements  to  the  financials  and  em¬ 
bedded  customer  relationship  man¬ 
agement  features.  iLytix  makes  a  tool 
called  XL  Reporter  that  helps  compa¬ 
nies  pull  together  business  reports  and 
budgets  that  can  be  viewed  in  Micro¬ 
soft's  Excel  spreadsheet.  Including  the 
tool  with  Business  One  means  cus¬ 
tomers  won't  have  to  export  and  refor¬ 
mat  data  to  get  it  from  their  business 
applications  into  Excel.  The  new  ver¬ 
sion  of  Business  One  is  available  now 
and  costs  $3,750  per  user.  Terms  of  the 
iLytix  transaction  were  not  disclosed. 

■  Microsoft  is  expanding  its  hosted 
Exchange  product  for  service  pro¬ 
viders  to  include  instant  messaging 
and  Web  sites  that  serve  as  collabora¬ 
tive  online  work  spaces.  Previously, 
the  offering  consisted  only  of  Ex¬ 
change  Server  2003  and  was  called 
the  Microsoft  Solution  for  Hosted  Ex¬ 
change  2003.  It  has  been  renamed  the 
Microsoft  Solution  for  Hosted  Messa¬ 
ging  and  Collaboration,  and  also  in¬ 
cludes  Live  Communications  Server 
2005  and  Windows  SharePoint  Serv¬ 
ices.  Live  Communications  Server 
2005  is  Microsoft's  enterprise  instant 
messaging  and  presence  product. 
Service  providers  will  set  pricing  and 
offer  the  products  as  a  hosted  service 
in  the  next  three  to  six  months. 


Aprisma  buy  fills  out  Concord  line 

Concord  solidifies  net  mgmt.  suite  with  fault  management  technology. 


■  BY  DENISE  DUBIE 

Concord  Communications  is  hoping  to 
win  over  customers  who  are  looking  to 
reduce  the  number  of  vendors  they  have 
to  deal  with  to  manage  their  enterprise 
networks,  systems  and  applications. 

Concord  announced  last  week  it  would 
acquire  competitor  Aprisma  Management 
Technologies  in  a  $93  million  deal  set  to 
close  in  the  first  quarter.  Concord  says  by 
incorporating  Aprisma’s  fault  manage¬ 
ment  technology  into  its  performance 
management  software,  the  company  will 
be  able  to  provide  customers  with  a  more 
complete  management  product  from  one 
vendor. 

“Consolidation  in  the  management  mar¬ 
ket  is  inevitable.  Customers  want  to  deal 
with  fewer  vendors,  and  we  realized 
adding  Aprisma  would  help  us  provide  to 
them  best-of-breed  performance  and  fault 
management  capabilities,”  says  Jack 
Blaeser,  Concord  president  and  CEO. 

The  companies  plan  later  this  year  to 
integrate  Concord’s  network,  systems  and 
application  performance  management 
and  reporting  software  (eHealth  Suite) 
with  Aprisma’s  Spectrum  infrastructure 
and  IT  service  assurance  software.  The 
combination  could  help  Concord  win 
accounts  from  competitors  Lucent,  Info- 
Vista,  Micromuse,  Quallaby  and  Smarts 
(set  for  acquisition  by  storage  giant  EMC), 
and  start  competing  against  BMC  Soft¬ 
ware,  Computer  Associates,  HP  and  IBM, 
Blaeser  says. 

Kim  Jahnz,  lead  WAN  data  network  engi¬ 
neer  at  Aurora  Health  Care  in  Milwaukee, 
already  integrates  Concord  and  Aprisma 
products.  Jahnz  has  been  a  customer  of 
both  companies  for  years,  and  she  says 
the  vendors’  plans  to  integrate  make 
sense.  She  uses  Aprisma’s  Spectrum  for 


More  online! 

Find  out  which  new  technologies  best  improve  network 
performance  by  listening  to  Jim  Metzlers  keynote 
presentation  on  effective  network  management. 

DocFinder:  1542 


BMC  adds  to  ID  management  arsenal 


BMC  Software  last  week  announced  it  would  pump  up  its  management  prod¬ 
uct  suite  with  the  acquisition  of  Calendra  and  its  identity  management 
technology. 

BMC  will  acquire  100%  of  Calendra  shares  for  approximately  $33  million.  The 
acquisition  is  expected  to  be  completed  this  month.  Calendra  makes  Directory 
Manager,  which  lets  companies  use  security  rules  and  policies  to  automate  many 
aspects  of  user  management,  such  as  assigning,  managing  and  revoking  access 
rights  to  resources  on  the  Web  and  on  an  enterprise  network.  The  product  also 
has  self-service  features  for  users  to  manage  and  recover  their  own  password,  a 
costly  support  service  for  many  organizations. 

BMC  says  it  plans  to  add  Calendra's  technology,  including  advanced  workflow 
and  user  directory  management  features,  to  its  Business  Service  Management 
product  line.  BMC  also  will  combine  Calendra’s  identity  management  technology 
with  its  own  user-provisioning  product,  Control-SA.This  could  let  customers 
streamline  the  management  of  user  identity,  passwords  and  access  permissions. 

The  move  is  no  surprise  to  industry  watchers  who  say  management  heavy¬ 
weights  BMC,  Computer  Associates,  HP  and  IBM  have  targeted  identity  manage¬ 
ment  as  the  next  step  in  their  separate  data  center  automation  goals.  In  October, 
CA  announced  plans  to  buy  identity  and  access  management  software  maker 
Netegrity  for  $430  million. 

The  promise  of  automated  user-provisioning  —  and  more  importantly  de-provi¬ 
sioning  —  would  be  critical  to  any  vendor’s  IT  service  management  plans,  and  the 
top  four  management  vendors  are  neck-and-neck  in  a  race  to  be  the  first  to  offer 
their  vision  of  utility  computing. 

"Identity  management  is  simply  necessary  for  IT  business  service  manage¬ 
ment,"  says  Stephen  Elliot,  a  senior  analyst  with  IDC. 

Rich  Ptak,  principal  analyst  with  Ptak,  Noel  &  Associates,  says,  “The  manage¬ 
ment  bigwigs  each  have  a  list  of  the  five  or  eight  technologies  they  need  to  fill  out 
their  portfolio  to  be  the  ultimate  solution  provider  for  their  customers.  There  is  a 
distinct  move  among  the  end-user  community  from  buying  disparate  IT  tools  to 
purchasing  a  bundled  software  package  that  attempts  to  solve  a  specific  busi¬ 
ness  problem  such  as  provisioning." 

—  Denise  Dubie  and  IDG  News  Service  correspondent  Paul  Roberts 


infrastructure  management  and  root- 
cause  analysis,  coupled  with  Concord’s 
eHealth  performance  reporting  and 
Application  Response  software,  to  man¬ 
age  application  performance  from  the 
end-user  desktop  to  back-end  systems. 

“Spectrum  to  me  is  the  expert  in  net¬ 
work  fault  management,  and  Concord  has 
the  best  reporting  and  application 
response  monitoring  tools.  I  just  finished 
our  very  manual  integration  project  to 
bring  the  products  together,”  Jahnz  says. 
“Going  forward,  I’d  like  to  see  reports 
using  infrastructure  topologies  overlaid 
with  application  topologies.  It  would  be 
great  to  have  all  them  do  that  integration 
work  for  me.” 

Yet  Jahnz,  who  uses  HP  Open  View 
Network  Node  Manager  to  monitor 


Aurora  Health  Care’s  WAN  links,  doesn’t 
expect  to  whittle  her  vendor  accounts 
down  to  just  one  anytime  soon. 

“It’s  easier  to  deal  with  fewer  vendors, 
but  if  you  get  down  to  just  one,  they  can 
get  you  over  a  barrel  and  that’s  when  they 
stop  delivering,”  she  says.“Healthy  compe¬ 
tition  keeps  vendors  responding  to  cus¬ 
tomer  service  and  support  problems.” 

Customers  such  as  Scott  Bracken,  an  IT 
specialist  with  aircraft  parts  manufacturer 
Goodrich,  in  Chula  Vista,  Calif.,  wants  to 
see  product  integration  from  Concord’s 
2003  netViz  acquisition  before  he  consid¬ 
ers  Aprisma’s  capabilities. 

“I’d  like  to  see  them  get  that  part  working 
in  the  coming  months,”  Bracken  says.  He 
uses  Concord  to  track  business  service 
See  Concord,  page  28 
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One  of  the  problems  with  IP-based 
cameras  is  that  unknown  people 
can  access  them  to  see  what  the 
cameras  are  pointing  to.  It  would  seem  to 
be  a  no-brainer  to  try  to  prevent  this,  but 
many  people  who  install  IP  cameras 
don’t  take  any  such  measures,  and  some 
vendors  make  it  easy  for  unprotected 
cameras  to  be  found. 

After  some  major  news  coverage  of  sur¬ 
reptitiously  taken  videos  of  nannies  beat¬ 
ing  up  children  in  their  care,  lots  of  par¬ 
ents  began  installing  concealed  cameras 
in  their  homes.  Many  of  these  cameras 
were  IP-based  and  wound  up  being  con¬ 
nected  to  home  networks  that  were,  in 
turn,  connected  to  the  Internet  through 
DSL  or  cable  modems.  This  was  ideal  for 
the  people  who  installed  them  because 
they  could  peek  in  from  the  office. There 
was  a  bit  of  a  potential  privacy  problem: 


Public  nannycams 


Because  the  nannies  tended  to  work  in 
places  where  the  homeowners  also  fre¬ 
quented,  unless  the  homeowners  took 
care  to  remember  the  camera  was  there, 
potentially  embarrassing  images  could 
be  on  the  ’Net  for  the  taking. 

Shortly  thereafter,  corporate  network 
security  people  and  others  who  were 
putting  up  security  cameras  figured  out 
that  they  could  save  a  lot  on  installation 
cost  if  they  also  used  IP-based  camera 
systems. 

Many  of  these  home  or  business  IP- 
based  cameras  ran  mini  Web  servers  so 
the  user  could  employ  a  standard  brows¬ 
er  to  look,  but  most  of  the  systems  had  no 
or  minimal  security  Many  people  did  not 
even  take  advantage  of  whatever  security 
the  cameras  did  have.  I  guess  they  didn’t 
think  about  the  issue  or  assumed  that 
because  they  would  not  be  telling  the 
world  the  IP  address  of  the  camera  no 
one  would  find  it. 

In  another  example  of  security 
through  obscurity  not  actually  being 
security,  it  turns  out  that  some  of  the 
manufacturers  have  made  it  easy  for  the 
IP  addresses  to  be  found.  The  manufac¬ 


turers  used  consistent  character  strings 
in  the  URLs  that  the  users  employed  to 
access  the  cameras.  And  it  turns  out  that 
Google  (the  universal  research  tool 
these  days)  has  a  feature  in  its  search 
command  to  look  for  URLs  that  include 
a  particular  string. 

For  example,  the  command  “inurl: 
View/index.shtml’”will  look  for  the  string 
“view/index.shtml”  in  all  URLs.  This  hap¬ 
pens  to  be  a  string  that  one  of  the  camera 
manufacturers  uses  in  its  systems.  Google 
finds  almost  a  thousand  URLs  with  this 
string  —  almost  all  of  them  are  Axis  IP- 
based  cameras.  Other  strings  to  look  for 
include  “ViewerFrame?Mode=”  and 
“MultiCameraFrame?Mode=.”  Together 
they  produce  more  than  2,000  additional 
hits. 

I  did  a  random  look  at  the  URLs  the 
searches  came  up  with  and  looked  at  a 
snowstorm  in  Lapland,  Finland;  an 
empty  auditorium  in  Mexico;  the  center 
of  East  Ayrshire,  England;  the  interiors  of 
a  number  of  restaurants  and  stores;  a 
construction  site  in  Hungary;  ice  and 
snow  on  Lake  Lucille,  Ala.;  a  bunch  of 
car  garages;  furniture  showrooms;  a 


www.nwfusion.com 


number  of  computer  centers;  a 
Japanese  radio  talk  show;  lots  of  parking 
lots;  and  scads  of  traffic  and  weather 
cams.  Some  of  the  cameras  could  even 
be  controlled  over  the  Web.  By  the  way, 
there  seems  to  be  a  lot  of  snow  in  Japan 
right  now. 

Some  URLs  did  not  respond  and  some 
sites  did  request  a  logon  and  password, 
but  thousands  of  cameras  are  there  for 
the  viewing.  I  didn’t  find  anything  risque 
but  I  only  looked  at  a  few  sites. 

I  hope  that  any  of  you  who  put  in  IP- 
based  cameras  and  want  them  to  be  pri¬ 
vate  do  not  assume  that  no  one  will  find 
them  on  the  ’Net.  I  also  hope  that  the 
manufacturers  will  fix  their  code  to  make 
the  cameras  not  so  easy  to  find. 

Disclaimer:  Google  makes  Harvard  easy 
to  find  with  33.7  million  hits,  not  all  of 
them  about  the  university  But  the  opin¬ 
ion  on  open  cameras  is  mine,  not 
Harvard’s. 

Bradner  is  a  consultant  with  Harvard 
University’s  University  Information 
Systems.  He  can  be  reached  at  sob@ 
sobco.com. 


Concord 

continued  from  page  27 

performance  when  it  goes  awry,  and  says 
he  believes  the  netViz  technology  will  en¬ 
hance  Concord’s  current  offering.  “I’d  like 
to  be  able  to  have  a  geographic  map  run 
over  the  IT  map  so  when  a  problem 
occurs  it  is  simple  to  narrow  it  down  to  a 
specific  place,  such  as  California.” 

While  addressing  customer  concerns 
might  have  motivated  the  vendors  to 
merge,  other  factors  played  an  obvious 
role. 

“Right  now  the  price  is  simply  right  for 
technology,”  says  Rich  Ptak,  a  principal 
analyst  with  Ptak,  Noel  &  Associates.“Now 
is  the  time  for  vendors  to  beef  up  their 


portfolios,  but  they  need  to  keep  in  mind 
that  merging  is  a  challenge  beyond  prod¬ 
uct  integration.” 

For  Concord,  Blaeser  says  Aprisma  repre¬ 
sented  a  complementary  acquisition. The 
company  embraced  the  same  culture,  the 
same  sales  mentality  and  the  same  tech¬ 
nology  goals  as  Concord  and  is  located  in 
Portsmouth,  N.H.,  north  of  Concord’s 
Marlborough,  Mass.,  headquarters. 

Aside  from  similarities  between  the 
companies,  Concord’s  motivation  for  the 
deal  seems  simple:  It  wants  to  expand  its 
customer  base  and  increase  its  revenue 
quickly  Concord,  which  expects  to  pull  in 
about  $110  million  in  revenue  for  2004, 
will  next  year  be  able  to  add  Aprisma’s  rev¬ 
enue  to  its  balance  sheet.  Aprisma  esti¬ 


mates  its  2004  revenue  was  about  $43  mil¬ 
lion.  The  deal  also  will  add  about  1,000 
Aprisma  customers  to  Concord’s  installed 
base  of  3,000. 

“We  can  double  our  dollars  as  one  corn- 
pan^’  he  says. 

For  Aprisma’s  part,  the  network  manage¬ 
ment  arm  of  the  now-defunct  Cabletron 
needed  an  environment  in  which  to  grow 
its  technology  Since  mid-2002,  Aprisma 
has  been  owned  by  Gores  Technology 
Group,  which  purchased  the  company 
from  fellow  Cabletron  offspring  Enterasys. 
Industry  watchers  speculated  if  Aprisma 
could  distance  itself  from  Enterasys’  U.S. 
Security  and  Exchange  Commission  inves¬ 
tigations  it  could  become  a  solid  manage¬ 
ment  software  maker  on  its  own.  Under 


Gores,  Aprisma  re-established  itself  as  one 
of  many  network  and  systems  manage¬ 
ment  software  makers,  competing  in  a 
market  IDC  estimates  to  be  about  $13.2 
billion. 

“We  had  taken  it  as  far  as  we  could  on 
our  own,  and  it  was  the  right  time  to  join 
forces  with  Concord,”  says  Aprisma 
President  and  CEO  Mike  Fabiaschi. 

In  December,  Concord  announced  its 
plans  to  purchase  Vitel  Software,  a  maker 
of  products  to  manage  legacy  IP  PBXs. 
And  in  July  2003,  Concord  announced 
its  acquisition  of  netViz,  a  maker  of  soft¬ 
ware  that  lets  users  visualize  business 
processes  and  lets  them  map  relation¬ 
ships  within  the  supporting  technology 
infrastructure.* 


Management  mixing  bowl 


Aprisma  and  Concord  have  competed  in  a  crowded  network  management  market  for  years,  albeit  from  two  different  directions: 
Concord  worked  to  expand  its  business  through  acquisitions,  while  Aprisma  struggled  to  win  independence. 
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February  2000 

Cabletron  splits  into  four  companies: 
Riverstone  Networks,  Enterasys  Networks, 
Global  Network  Technology  Services  (GNTS), 
and  Aprisma  Management  Technologies. 
Aprisma  remains  part  of  Enterasys.. 


. . . . .  i  i  i  i  r 


January  2002 

Aprisma  announces  it  will  spin  off  of 
Enterasys  to  form  an  independent 
company  and  focus  on  developing  its 
management  software  product  to  work 
with  heterogeneous  network  gear. 


August  2002 

Enterasys  sells  Aprisma 
to  Los  Angeles-based 
holding  company  Gores 
Technology  Group  for  an 
undisclosed  amount 


£ 


January  2005 

Concord  announces  it 
will  acquire  Aprisma 
from  Gores  for  $93 
million  in  cash. 
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July  2003  - 

December  2004 - 

Concord  integrates  its  performance 
management  software  with  technology 
from  RiverSoft  (which  eventually  was 
acquired  by  competitor  Micromuse)  to  add 
fault  management  to  its  software  suite. 


Concord  licensesTavve  Software’s 
EventWatch  root  cause  technology 
to  add  discovery  of  Layer  2  and  3 
network  topology  to  Concord's 
eHealth  Suite. 


2005 


Concord  announces  plans  to 
acquire  Vitel  Software,  which 
makes  products  to  manage 
legacy  and  IP  PBXs  and  voice 
mail  systems,  for  $4  million. 


In  Prohibition-era  America, 
vast  bootlegger  syndicates 
smuggled  in  spirits  from 
the  Pacific  and  Atlantic. 

Their  offshore  fleets  used 
sophisticated  codes  and 
ciphers  to  encrypt  radio 
transmissions.  To  combat 
the  problem,  the  Coast 
Guard  called  in  Elizebeth 
Smith  Friedman  and  her  team 
of  federal  cryptanalysts  to 
decipher  messages  seized 
in  a  1931  New  Orleans  raid. 

In  the  end,  the  plaintext 
decryptions  led  a  grand  jury 
to  indict  35  rumrunners;  six 
bosses  and  smugglers  were 
convicted  and  sentenced  to 
prison  on  federal  conspiracy 
charges.  The  culture  of 
mobsters  and  speakeasies 
was  dealt  a  serious  blow. 


Code  making  and  breaking 
continue  to  play  a  crucial  role 
in  international  intelligence 
gathering,  law  enforcement 
and  global  trade.  Join  us 
at  RSA'  Conference  2005 
and  learn  new  ways  to 
protect  your  enterprise  from 
today's  information  security 
hoodlums,  or  secure  your 
application  from  a  new  breed 
of  hacker-bootleggers! 
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Register  today  at 
www.rsaconference.com 
[Enter  source  code  MGY] 


FULL  CONFERENCE  PASS 


Register  today  for  Full  Access  to 
all  four  days  of  class  tracks,  keynotes, 
the  expo  floor,  conference  proceedings, 
evening  receptions  and  giveaways. 


Register  by  February  14  and  get  a 
Free  Expo  Pass  for  access  to  the 
expo  floor  and  selected  keynotes. 


THE  WORLD'S  LEADING 


February  14-18  •  Moscone  Center  •  San  Francisco 
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Middleware  is  Everywhere 


aiA  »  fXA 
fc  -Tf  51 

tfv**’ 

{s  natv 


MIDDLEWARE  IS  IBM  SOFTWARE.  Rational  Software 
It  has  the  power  to  keep  any-size  project  on  schedule.  On 
budget.  On  the  right  track.  Built  on  existing  assets.  The  IBM 
Software  Development  Platform  is  open.  Flexible.  It  makes 
change  manageable,  more  predictable.  Market-leading 
tools  like  Rational  ClearCasef  Rational  Unified  Process® and 
Rational  Portfolio  Manager  ease  project  management.  See 
how.  Register  for  the  IBM  Project  Manager  Survival  Kit  now. 


1.  Changes  accommodated  easily. 

2.  Scope  managed  efficiently. 

3.  Resources  allocated  precisely. 

4.  Progress  monitored  on  dashboard. 

5.  Upgrade  completed  ahead  of  schedule 


Get  the  IBM  Project  Manager  Survival  Kit  now  at  ibm.com/middleware/manage 


DEMAND  BUSINESS 


IBM,  the  IBM  logo,  the  On  Demand  logo,  Rational  ClearCase  and  Rational  Unified  Process  are  registered  trademarks  or  trademarks  of  International  Business  Machines 
ktafcfitatesand/or  other  countries.  ©2005JBM  Corpgratton.  All  rights  reserved. 
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Grid  Defined 
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GlobusWORLD  2005 


•  Viewed  by  many  as  the  most  important  Grid 
event  of  the  year. 

•  The  premier  Grid  conference  featuring  the 
Globus  Toolkit®. 

•  A  full  roster  of  Grid  tutorials,  panels, 
debates,  and  workshops. 

•  The  ultimate  destination  for  your  essential 
Grid  knowledge  -  whether  you're  a  Grid 
novice  or  expert. 

•  High-level,  technical  enterprise  speakers 
from  Cisco,  HP,  IBM,  Intel,  SAP,  Sun  and  more. 
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NCSA 


•  A  concentrated  Enterprise  Grid  track 
featuring  an  All-Star  roster  of  participants. 

•  Learn  from  early  grid  adopters,  end  users 
and  implementers  from  various  industries 
such  as  Pharmaceutical,  Financial  Services, 
Automotive,  Energy,  and  more. 

•  The  industry's  most  thorough  investigation 
of  critical  Open  Source  Grid  and  standards 

issues. 

•  A  premier  networking  opportunity  with  the 
industry's  most  concentrated  audience  of 
Grid  professionals. 
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Tsunamis  prompt  interest  in  ’Net  alerts 


II  If  you  want  to  get  people  off  the 
beach,  you  could  send  a  [Short  Message 
Service]  to  evety  cell  phone  that  is  active 
in  a  certain  ceii.  1 1 


Fred  Baker 

Cisco  fellow,  IETF  member 


■  BY  CAROLYN  DUFFY  MARSAN 

Imagine  this  scenario:  Minutes  before  the 
recent  Indian  Ocean  tsunami  crashes  into 
Sri  Lanka  or  Thailand,  the  cell  phones  of 
people  lying  on  the  beaches  there  start  to 
ring  and  a  short  text  message  issues  a 
warning  to  flee  to  higher  ground. 

Could  a  communications  system  like  this 
have  saved  lives?  Is  it  possible  to  build  such 
a  system  by  tapping  GSM,  a  set  of  standards 
used  globally  by  wireless  service  pro¬ 
viders?  These  are  some  of  the  questions 


■ 

■  New  York  State  is  still  taking  a 
handful  of  former  WorldCom 
executives,  financial  auditors  and 
bond  underwriters  to  court  despite  a 
$54  million  settlement.  Ten  ex-World- 
Com  directors  recently  settled  with 
the  New  York  State  Common  Retire¬ 
ment  Fund  in  connection  with  the 
company's  accounting  fraud.  Of  the 
$54  million,  $18  million  will  come 
directly  out  of  the  directors'  pockets. 
According  to  a  story  in  The  Wall 
Street  Journal,  a  handful  of  others 
involved  with  the  telecom  company, 
now  known  as  MCI,  will  stand  trial  on 
Feb.  28  if  they  do  not  reach  a  settle¬ 
ment  in  U.S.  District  Court  in  New 
York.  The  most  notable  ex-director  is 
Bert  Roberts,  who  was  CEO  at  MCI 
before  it  merged  with  WorldCom. 

■  New  England  competitive  local 
exchange  carrier  Conversenl 
Communications  is  merging  with 
Mid-Atlantic  CLEC  FiberNet  in  a 
stock  transaction.  Terms  of  the  deal 
were  not  disclosed.  Both  service 
providers  are  chaired  and  were 
founded  by  Robert  Fanch,  a  cable 
entrepreneur.  Upon  completion  of  the 
merger,  expected  in  March,  the  com¬ 
bined  company  will  serve  51,000  cus¬ 
tomers  with  300,000  local  access 
lines  and  more  than  3,900  miles  of 
fiber  in  10  states  in  the  Northeast 
and  Mid-Atlantic  regions.  The  compa¬ 
nies  had  combined  revenue  of  $205 
million  in  2004. 


that  the  Internet  engineering  community  is 
asking  itself  in  light  of  the  recent  tragedy 

“If  you  want  to  get  people  off  the  beach, 
you  could  send  a  [Short  Message  Service] 
to  every  cell  phone  that  is  active  in  a  cer¬ 
tain  cell,”  says  Fred  Baker,  a  Cisco  fellow 
who  has  expertise  in  Internet-based  emer¬ 
gency  communications.  “You  would  know 
what  cell  phones  were  active  in  a  particu¬ 
lar  cell  near  the  coastline. You’d  be  able  to 
target  a  particular  geographic  region  by 
basing  it  on  the  GSM  service.” 

Baker  and  other  members  of  the  IETF 
have  been  working  for  several  years  to  cre¬ 
ate  methods  for  prioritizing  emergency 
communications  over  the  Internet.  The 
IETF  is  considering  expanding  this  work  in 
response  to  the  devastating  tsunamis. 

“Distributed  robust  networks  like  the 
Internet  provide  a  wonderful  opportunity 
to  spread  information  quickly  and  to  a 
wide  audience,  thus  assisting  in  disaster 
recover^’  says  Kimberly  King,  co-chair  of 
the  IETFs  Internet  Emergency  Prepared¬ 
ness  (IEPREP)  working  group  and  a  princi¬ 
pal  network  engineer  at  Science  Appli¬ 
cations  International. 

King  says  the  Internet  can  help  in  all 
types  of  emergency  communications  — 
between  the  public  and  governmental 


■  BY  DENISE  PAPPALARDO 

The  wireless  service  provider  market  con¬ 
tinues  to  morph  as  new  merger  plans  are 
revealed. 

Last  week  Alltel  Communications  an¬ 
nounced  plans  to  acquire  regional  wire¬ 
less  service  provider  Western  Wireless  for 
$6  billion  in  a  cash-and-stock  deal. 

Alltel  is  currently  the  sixth-largest  wireless 
service  provider,  behind  Cingular  Wireless, 
Verizon  Wireless,  Sprint,  T-Mobile  and 
Nextel  Communications,  respectively  (see 
graphic,  page  34). 

If  the  $35  billion  Sprint/Nextel  merger 
announced  last  month  goes  through,  the 
combined  company  would  be  the  third- 
largest  provider,  with  24  million  customers. 

Unless  another  deal  is  announced  soon, 
T-Mobile  will  retain  the  No.  4  slot  with  16.3 
million  customers,  but  Alltel  will  be  a  close 
fifth  if  its  merger  with  Western  is  approved 


authorities,  from  one  governmental  author¬ 
ity  to  another,  and  between  members  of 
the  public  trying  to  reach  each  other.  “It  is 
clear  the  Internet  has  much  to  offer  each  of 
these  scenarios,”  she  says. 

However,  the  Internet  has  one  major 
drawback  when  it  comes  to  emergency 
communications:  It’s  a  best-effort  commu¬ 
nications  system,  so  there’s  no  guarantee 
that  an  important  message  will  be  received 
in  a  particular  time  frame.  That’s  what  the 
IETF  is  trying  to  fix  with  its  ongoing  devel¬ 
opment  effort. 

“With  the  tsunami  situation,  you  would 
want  an  e-mail  or  instant  message  to  go 


(the  deal  is  subject  to  regulatory  approval). 
The  Western  acquisition  would  bring  with 
it  1.4  million  domestic  customers  and 
increase  Alltel’s  customer  base  to  9.9  mil¬ 
lion  from  8.3  million. 

Alltel  CEO  Scott  Ford  made  it  clear  last 
week  that  the  company  will  continue  to 
explore  opportunities  to  “grow  the  business 
through  acquisition.” 

Alltel’s  proposed  merger  comes  three 
months  after  Cingular  closed  its  $41  billion 
merger  with  AT&T  Wireless,  which  created 
the  largest  U.S.  mobile  service  provider. 

Analysts  see  more  deals  coming. 

“We  will  see  more  rounds  of  rural  con¬ 
solidation,  we  may  see  Sprint  move  to  pro¬ 
tect  its  affiliate  interests,  and  we  may  possi¬ 
bly  see  some  international  acquisitions  of 
U.S.  companies  as  the  next  big  bang,”  says 
Bob  Egan,  president  of  consulting  firm 
Mobile  Competency 

Egan  says  that  because  52%  of  Sprint’s 


from  the  warning  center  to  the  right  place 
and  get  there  in  a  stated  amount  of  time,” 
Baker  says.  “The  message  must  be  known 
to  be  coming  from  an  authenticated  user, 
and  it  must  be  flagged  as  an  important 
message  that  needs  to  get  through  in  a  cer¬ 
tain  amount  of  time.  If  the  message  wasn’t 
able  to  be  delivered  in  the  stated  amount 
of  time,  it  needs  to  bounce  back.That’s  the 
kind  of  capability  we’re  talking  about.” 

In  contrast,  the  public  switched  tele¬ 
phone  network  (PSTN)  can  prioritize 
emergency  communications  for  applica¬ 
tions  such  as  the  U.S.  Government 
See  Tsunami,  page  34 


network  is  made  up  of  affiliate  partner  net¬ 
works,  Sprint  might  try  to  acquire  some  of 
those  affiliates.  But  it’s  more  likely  Sprint 
will  have  to  stay  focused  on  its  pending 
Nextel  merger  first. 

“The  next  round  of  acquisitions  will 
likely  include  an  international  operator 
buying  some  U.S.  carrier,”  Egan  says. 
Considering  T-Mobile  is  “sitting  around 
looking  pretty  weak,  they  may  make  a 
move.”  T-Mobile  is  part  of  T-Mobile 
International,  a  business  unit  of  German 
telco  Deutsche  Telekom. 

Vodafone,  which  owns  45%  of  Verizon 
Wireless,  also  could  make  a  move  as  might 
NTT  DoCoMo,  which  owned  a  significant 
portion  of  AT&T  Wireless.These  companies 
might  be  more  interested  in  owning  a  U.S. 
service  provider  outright. 

Which  brings  us  back  to  Alltel.  With  its 
purchase  of  Western  Wireless,  Alltel  also  is 
See  Wireless,  page  34 


Wireless  landscape  continues  to  shift 

Alltel  acquisition  of  Western  Wireless  the  latest  move  in  an  active  industry. 


EYE  ON  THE 
CARRIERS 

Johna  Till 
Johnson 


One  of  the  great  things  about  being  a 
columnist  is  that  you  get  to  critique 
everybody  else’s  performance  from  a 
safe  vantage  point.  Except  for  once  a  year, 
when  we  pundits  dust  off  last  year’s  predic¬ 
tions  and  see  flow  well  they  stood  up. 

Herewith,  an  assessment  of  my  calls  for 
2004: 

Prediction  No.  1:  Last  year  I  wrote,  “At 
least  one  major  Fortune  2000-caliber  com¬ 
pany  will  raise  eyebrows  by  going  with  a 
cable  company  —  rather  than  a  telco  —  as 
its  primary  voice  and  data  provider.  Am  I 
nuts?  Maybe.” 

Regarding  my  sanity  the  jury’s  still  out. 


About  those  predictions  made  here  last  year . . . 


Regarding  my  prediction,  the  outcome’s 
pretty  clear:  Didn’t  happen. 

That  said,  the  overall  trend  is  still  correct. 
In  2004,  Cox  Business  Services  announced 
deals  with  several  midsize  to  large  compa¬ 
nies  under  which  the  company  provides 
voice,  data  and  Internet  services.  They 
include  Legacy  Bank  and  Big  Dog  Motor¬ 
cycles  in  Kansas,  and  most  notably  Boeing 
Wichita  (which  makes  parts  for  virtually 
every  commercial  Boeing  airline  and  pro¬ 
vides  military  aerospace  support).  Now 
Boeing  is  obviously  a  Fortune  2000  com¬ 
pany  but  Cox  is  hardly  the  “primary”  carrier. 
I’ll  award  myself  half  a  point. 

Prediction  No.  2:  Speaking  of  conver¬ 
gence,  there  will  be  a  significant  event  this 
year  that  marks  it  as  “the  year  of  conver¬ 
gence.”  Dead  on.The  only  problem  is  which 
event  to  pick.  AT&T’s  introduction  of 
CallVantage?  How  about  Vonage  doubling 
from  200,000  to  400,000  subscribers?  Or 


the  fact  that  the  FCC  finally  bestirred  itself 
to  consider  the  regulatory  status  ofVoIP? 

Prediction  No.  3.  “VoIP  services  will  go 
mainstream."  Another  solid  hit  —  see 
above  for  examples.I’ll  qualify  that, though, 
by  noting  that  enterprise  customers  are  still 
justly  skeptical  of  what  carriers  bring  to  the 
table  around  VoIP  The  majority  of  installa¬ 
tions  I’ve  looked  at  over  the  year  have  been 
in-house,  augmented  by  support  from  ven¬ 
dors  and  consultants.  (Carriers,  make 
“strengthen  your  VoIP  value  proposition”  a 
priority  for  2005.) 

Prediction  No.  4:  “Local  loop  prices  will 
finally  start  to  drop.”  Hmm.  It’s  hard  to  claim 
unqualified  success  here.  While  many  IT 
executives  have  gained  significant  savings 
through  aggressive  negotiation  and  the 
willingness  to  consider  alternative  band¬ 
width  providers  (cable  companies  and 
managed  remote  service  providers  among 
them),  it’s  not  fair  to  say  that  local  circuit 


costs  have  universally  come  down.  I’ll  give 
myself  half  a  point. 

Total  score:  75%.  Keeping  in  mind  the 
famous  Mark  Twain  quote  about  lies, 
damned  lies  and  statistics,  how  good  a 
score  is  that?  I’ve  taken  engineering  cours¬ 
es  in  which  the  grade  curve  was  so  steep 
that  75%  would  qualify  for  an  A.  But  in  most 
non-curve  grading  schemes,  it’s  a  solid  C. 

That  said,  parapsychologists  (like  the 
guys  at  Duke  University)  who  scientifically 
assess  the  ability  of  putative  psychics  to 
look  into  the  future  would  rank  this  a 
home  run  —  300%  better  than  you’d  get  by 
random  guessing.  With  numbers  like  that,  I 
should  start  prognosticating  for  profit  — 
oh,  wait,  I  already  have. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


Tsunami 

continued  from  page  33 

Emergency  Telecommunications  Service 
(GETS),  which  is  used  in  the  aftermath  of 
terrorist  attacks,  hurricanes  and  other  nat¬ 
ural  disasters.  With  GETS,  bandwidth  is 
reserved  for  emergency  calls,  and  users 
also  can  schedule  calls  to  guarantee  they 
go  through. 

The  U.S.  military  also  has  special  tele¬ 
phone  systems  that  support  pre-emption  to 
make  sure  important  calls  —  such  as  from 
the  commander  in  chief  —  are  connected 
regardless  of  other  traffic  on  the  system. 


Wireless 

continued  from  page  33 

getting  a  respectable  international  cus¬ 
tomer  base  for  the  first  time. 

In  addition  to  providing  wireless  service 
in  19  states  in  the  U.S.,  Western  Wireless 
offers  mobile  services  to  1.6  million  cus¬ 
tomers  in  six  other  countries. 

While  Alltel  is  more  than  a  regional 
provider,  it  is  not  yet  a  major  national  or 
international  player.  Alltel  provides  wireless 
service  to  8.3  million  customers  in  20  states. 
It  also  offers  landline  local  telephone  ser¬ 
vice  to  about  5  million  customers.  But  it 
looks  as  though  Alltel  is  not  satisfied  with  its 
near-national  wireless  network  and  has 
been  picking  up  wireless  assets  from  a 
handful  of  providers,  including  deals  with 
MobileTel,  PCS  Wireless,  U.S.  Cellular,  TDS 
Telecom  and  most  notably  Cingular. 

In  November,  Alltel  struck  a  deal  with 
Cingular  to  buy  spectrum  and  customer 
contracts  that  the  carrier  had  to  divest  after 
closing  its  merger  with  AT&T  Wireless. 

But  the  Western  acquisition  is  Alltel’s 
largest.  The  service  provider  is  a  good 
match  because  it  lets  Alltel  expand  service 
in  the  western  U.S.,  an  area  where  it  has 
had  littie  coverage, and  because  it’s  a  good 
network  fit.  Both  service  providers’  net- 


Neither  pre-emption  nor  prioritization  of 
voice  calls  is  possible  over  the  Internet 
today  using  standard  protocols. 

“Today’s  VoIP  services  generally  don’t  sig¬ 
nal  for  bandwidth.  They’re  fairly  limited  in 
their  knowledge  of  the  network,”  Baker 
says.“If  we’re  going  to  do  anything  like  call 
scheduling  or  call  pre-emption  in  the 
Internet,  we  need  a  whole  lot  more  intelli¬ 
gence  in  the  network  to  make  that  happen.” 

So  far,  the  IETF  has  not  developed  any 
new  mechanisms  or  protocols  for  handling 
emergency  communications.  Instead,  the 
group  has  been  identifying  requirements 
for  Internet-based  emergency  communica- 


Wireless  consolidation 

Customer  totals  for  top  providers 
and  how  pending  mergers  will 
change  the  landscape. 

Customer  breakdown 


■  Cingular  Wireless  91  Other 

■  Verizon  Wireless  ■  Sprint+Nextel 

■  T-Mobile  ■  Alltel  -^Western  Wireless 

*  ACCORDINGTOTHE  CELLULAR  TELECOMMUNICATIONS  4 
INTERNET  ASSOCIATION  THERE  ARE  174.2  MILLION  CELLULAR 
USERS  IN  THE  U.S.  TODAY. 


works  are  based  on  Code  Division  Multiple 
Access  (CDMA),  although  Western  also 
operates  a  separate  GSM  network  for  its 
Cellular  One  affiliates. 

Alltel’s  Ford  says  that  the  joined  company 
will  continue  to  invest  in  the  CDMA' net¬ 
works  and  will  look  at  ways  to  possibly 
offer  GSM  roaming  to  Alltel  customers, 
which  is  not  currently  available.  ■ 


tions  and  creating  high-level  frameworks 
that  government  agencies  can  use  to  create 
these  systems. 

The  IETF  formed  IEPREP  in  response  to  a 
U.S.  government  request  after  the  Sept.  1 1 
attacks.  Since  its  founding  in  February 
2002,  IEPREP  has  published  four  docu¬ 
ments  that  outline  requirements  and  termi¬ 
nology  for  emergency  telecommunica¬ 
tions  systems.  Three  other  documents, 
including  a  framework  for  supporting 
emergency  telecommunications  in  IP  tele¬ 
phony  await  final  approval. 

“We  were  working  on  requirements  and 
framework  documents.  To  actually  create 
an  emergency  telecommunications  ser¬ 
vice,  you  really  need  to  hone  down  to  very 
specific  scenarios,”  King  says.  “We  tried  to 
stay  very  general.” 

IEPREP  plans  to  publish  one  more  docu¬ 
ment,  which  will  offer  best  practices  for 
deploying  Internet-based  emergency  tele¬ 
com  services  using  existing  protocols.  This 
document  should  be  finished  this  year, 
King  says.  After  that,  the  group’s  fate  is 
unclear. 

“IEPREP  was  only  chartered  to  come  up 
with  requirements.  It  wasn’t  chartered  to 
come  up  with  any  solutions,”  Baker  says. 
“We’re  going  to  have  to  re-charter  IEPREP 
to  produce  solutions  or  charter  another 
group  to  produce  solutions.” 

Another  key  piece  of  protocol  work  that’s 
needed  is  a  header  for  the  Session 
Initiation  Protocol  (SIP)  that  can  identify 
emergency  communications  and  give 
them  priority  This  header  could  provide 
prioritization  of  emergency  calls  or  mili¬ 
tary-style  pre-emption. 

“The  header  allows  a  caller  to  indicate 
that  the  call  should  have  prioritized  access 
to  communication  resources,  such  as  IP 
telephony  gateway  circuits,”  says  Henning 
Schulzrinne,  one  of  the  IETFs  foremost 
authorities  on  SIP  and  a  professor  of  com¬ 
puter  science  at  Columbia  University  in 
New  York.  “It  is  used  in  conjunction  with 
authorization.” 


Schulzrinne  says  the  header,  which  the 
IETF’s  SIP  group  is  working  on,  should  be 
finalized  in  March. 

Once  the  standards  are  done,  the 
demand  for  Internet-based  emergency 
communications  systems  is  expected  to  be 
significant.  The  U.S.  government  has  devel¬ 
oped  a  prototype  of  a  GETS-like  service 
that  would  ride  over  the  Internet  instead  of 
the  PSTN.  Meanwhile,  the  U.S.  military  and 
fellow  NATO  countries  have  told  the  net¬ 
work  industry  they  need  priority  and  pre¬ 
emption  capabilities  before  they  can 
migrate  to  VoIP 

In  particular,  the  U.S.  Defense  Information 
Systems  Agency  is  interested  in  the  IETFs 
IEPREP  work  for  its  internal  network.“They 
do  have  multilevel  pre-emption  and  prece¬ 
dence  currently  on  their  circuit-switched 
networks,  and  they  want  to  put  it  in  their 
SIP  and  H.323  [videoconferencing]  net¬ 
works,”  King  says. 

The  International  Telecommunications 
Union  also  has  a  project  looking  at 
Telecommunications  for  Disaster  Relief. 
This  group  is  tracking  the  IETFs  progress, 
King  says. 

“There  is  very  strong  governmental 
demand,”  Baker  says.“I  suspect  that  whatev¬ 
er  the  U.S.  winds  up  doing  will  be  adopted 
by  the  rest  of  the  countries.” 

Some  corporations  with  critical  commu¬ 
nications  also  might  be  interested  in  this 
capability  for  their  private  IP-based  net¬ 
works.  For  example,  companies  in  trans¬ 
portation,  energy  or  financial  services 
might  want  to  prioritize  Internet  communi¬ 
cations  in  the  case  of  a  business  emer¬ 
gency  such  as  an  airline  crash,  nuclear 
plant  problem  or  stock  market  action. 

“This  is  really  only  an  issue  where  com¬ 
munication  capacity  is  scarce,”  Schulzrinne 
says.“I  could  imagine  using  something  like 
this  for  enterprises  that  have  expensive  and 
scarce  circuits  and  may  need  these  for 
high-priority  business  use... [like]  oil  com¬ 
panies  having  crews  on  56K  bit/sec  lines  in 
remote  places.”  ■ 


ROADM  spurs  DWDM  scalabiii 


■  BY  BARRY  FIELD 

New  applications,  government  regula¬ 
tions  and  the  migration  of  traditional 
business  functions  to  e-business  models 
are  driving  deployment  of  dense  wave¬ 
length  division  multiplexing  networks  as 
a  cost-effective,  scalable  solution  for  high- 
bandwidth  needs.  But  early  adopters  of 
enterprise  DWDM  networks  have  found 
scalability  falls  short  of  their  demands 
because  of  the  onerous  redesign  re¬ 
quired  to  upgrade  DWDM  networks. 

Reconfigurable  DWDM  networking, 
based  on  reconfigurable  optical  add/drop 
multiplexers  (ROADM),  eliminates  the 
growing  pains  associated  with  legacy 
DWDM  networking  techniques.  ROADMs 
provide  an  automated  mechanism  to  flexi¬ 
bly  add  capacity  as  it’s  needed  without 
resorting  to  expensive,  service-interrupting 
forklift  upgrades. 

ROADMs  give  network  administrators  the 
ability  to  select  via  software  which  of  32 
DWDM  channels  to  add,  drop  or  pass¬ 
through  at  each  site  in  a  DWDM  network. 
This  lets  them  seamlessly  add  services  as 
end-user  demand  necessitates. 

ROADM  functionality  comprises  two  ele¬ 
ments,  wavelength  selection  and  de-multi- 
plexing.  The  roles  of  wavelength  selection 
and  de-multiplexing  are  performed  by  their 
their  respective  physical  components: 
wavelength  selector  switch  (WSS)  and  de¬ 
multiplexer  (DMX).The  WSS  provides  the 
software  selectable  wavelength  function, 
whereby  users  choose  which  wavelength 
or  group  of  wavelengths  to  add/drop  at  a 
particular  ROADM  site  on  a  network.  On  the 
“drop”  path,  the  DMX  de-multiplexes  the 
group  of  wavelengths  dropped  by  the  WSS 
into  individual  channels  that  subsequently 


■  HOW  IT  WORKS 


Reconfigurable  optical  add/drop 
multiplexer 

A  ROADM  node  is  capable  of  adding  or  dropping  any 
combination  of  1  to  32  wavelengths  to/from  a  two- 
fiber  dense  wavelength  division  multiplexing  (DWDM) 
ring.  This  functionality  is  implemented  using  a 
wavelength  selector  switch  and  de-multiplexer. 
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©  The  drop/pass-through  element  splits 
the  inbound  composite  DWDM  signal  into 
two  paths  based  on  software  pro¬ 
visioning.  Dropped  wavelengths  can  be 
blocked  at  this  point  or  continue  as  part 
of  the  composite  DWDM  signal. 


©  The  32-wavelength  DMX 
component  de-multiplexes  the 
group  of  dropped  channels  into 
single-wavelength  channels 
that  drive  DWDM  transponder/ 
muxponder  receivers. 


©  DWDM  transponder/ 
muxponder  signals  are 
added  to  the  pass-through 
channels  from  Step  1  to 
form  the  outbound  DWDM 
composite  signal. 


drive  the  receive  inputs  of  collocated  client 
devices  such  as  Ethernet  switches  and 
Fibre  Channel  switches.  Hence,  WSS/DMX 
components  combine  to  provide  the  nec¬ 
essary  capability  to  add  or  drop  any  of  32 
wavelengths  from  the  composite  DWDM 


line  signal  to/from  client  devices. 

The  significant  difference  between  the 
function  provided  by  the  ROADM  configu¬ 
ration  and  a  simple  32-channel  multiplexer/- 
demultiplexer  (that  is,  a  terminal  filter  used 
in  legacy  DWDM  networks)  is  the  ability  to 


block  or  pass-through  any  combination  of 
the  32  DWDM  wavelengths,  providing  net¬ 
work  administrators  with  unlimited  flexibil¬ 
ity  at  every  ROADM  node  in  a  DWDM  net. 

The  primary  benefit  of  an  enterprise 
ROADM  network  is  its  ability  to  add  capaci¬ 
ty  wherever  and  whenever  it  is  required, 
with  the  assurance  that  the  underlying  net¬ 
work  automatically  will  compensate  for  the 
added  traffic,  eliminating  the  need  for  man¬ 
ual  tuning  or  wholesale  upgrades. 

In  a  ROADM  network, only  those  points  in 
the  network  that  require  additional  ser¬ 
vices  are  touched.  Once  a  transponder  or 
muxponder  is  installed  to  transmit  or 
receive  the  new  wavelength  between  cus¬ 
tomer  premises  equipment  at  endpoint 
locations,  a  network  administrator  con¬ 
nects  the  two  points  via  provisioning  soft¬ 
ware  and  the  ROADM  network  adds/drops 
the  appropriate  wavelength  at  the  new 
locations.  No  new  equipment  is  required, 
traffic  is  not  interrupted  and  service  tech¬ 
nicians  do  not  need  to  be  dispatched  to 
intermediate  locations  to  manually  com¬ 
pensate  for  the  added  traffic  load. 

New  government  and  industry  regula¬ 
tions,  expansion  as  a  consequence  of  unan¬ 
ticipated  success,  and  new  data-intensive 
applications  are  just  a  few  examples  of  po¬ 
tential  surprises  awaiting  network  admin¬ 
istrators.  Having  a  ROADM-enabled  DWDM 
infrastructure  that  easily  and  seamlessly 
can  add  bandwidth  to  handle  unanticipat¬ 
ed  growth  lets  IT  focus  energy  and  re¬ 
sources  on  other  tasks  with  the  confidence 
that  mission-critical  traffic  can  be  expand¬ 
ed  or  re-directed  to  wherever  it’s  needed. 

Field  is  a  product  manager  in  Cisco's  opti¬ 
cal  transport  group.  He  can  be  reached  at 
bfield@cisco.  com. 


Or.  Internet 


By  Steve  Blass 


We  tried  to  upgrade  a  Red  Hat  system  to  the 
newest  2.6.x  kernel  but  something  went  wrong.  It 
booted  using  the  old  kernel,  but  the  network 
broke.  The  new  kernel  compiles  but  will  not  install. 
An  error  message  says  mkinitrd  fails  because  all 
the  loopback  devices  are  in  use.  Gan  we  recover 
the  system  and  get  the  new  kernel  installed? 

To  recover  the  system,  boot  with  the  Red  Hat  in¬ 
stallation  disk  and  re-install  Red  Hat,  very  careful 


to  correctly  identify  disk  partitions  with  the  origi¬ 
nal  labels,  and  choose  not  to  format  the  drives. 
This  should  bring  you  back  to  where  you  started. 
After  rebooting  the  re-installed  Red  Hat  system, 
build  and  install  the  new  kernel.  Make  sure  you 
have  the  newest  module-init-tools  (details  at 
www.nwfusion.com,  DocFinder:  5532).  Configure 
them  for  installation  with  the  command  “configure 
— pref  ix=/."  If  you  installed  them  previously,  do  not 
re-run  the  "make  moveold”  command.  Now  con¬ 


figure  the  new  kernel.  Configure  the  Ext3  file  sys¬ 
tem  Into  the  new  kernel  rather  than  building  it  as  a 
module.  Build  the  new  kernel  and  run  “make  in¬ 
stall."  Your  kernel  should  boot  without  complaining 
about  missing  modules.  More  information  can  be 
found  at  DocFinder:  5533. 

Blass  is  a  network  architect  at  Change@Woik  in 
Houston.  He  can  be  reached  at  dr.internet@change 
atwork.com. 
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Windows  cooperating  with  Linux,  honest! 
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GEARHEAD 
INSIDE  THE 
NETWORK 
MACHINE 

Mark 

Gibbs 


We  are  delirious  with  joy  or  maybe  it 
is  just  that  we’ve  spent  too  long  star¬ 
ing  at  the  screen. . . .  Whatever,  we 
just  found  the  coolest  hack  that  you  just 
have  to  check  out! 

We’re  playing  with  Debian  Linux  running 
cooperatively  with  Windows. Yes,  you  might 
go  back  and  re-read  that  sentence.  This  fas¬ 
cinating  system  is  called  coLinux  and  it 
allows  the  Linux  kernel  to  run  as  a  program 
or  service  under  Windows  2000  or  XP  with¬ 
out  using  a  commercial  PC  virtualization 
system  such  as  User  Mode  Linux  or 
VMware. 

Specifically  coLinux  —  a  port  of  the  2.6 
kernel  —  is  “special  driver  software  on  the 
host  operating  system  [that  executes]  the 
coLinux  kernel  in  a  privileged  mode 
[known  as  ring  0  or  supervisor  mode]  "says 
coLinux  development  team  leader  and 
project  originator  Dan  Aloni. 

Aloni  goes  on:  “By  constantly  switching 
the  machine’s  state  between  the  host  oper¬ 
ating  system  state  and  the  coLinux  kernel 
state,  coLinux  is  given  full  control  of  the 


physical  machine’s  [Memory  Management 
Unit]  (such  as  paging  and  protection)  in  its 
own  specially  allocated  address  space,  and 
is  able  to  act  just  like  a  native  kernel, 
achieving  almost  the  same  performance 
and  functionality  that  can  be  expected 
from  a  regular  Linux  which  could  have  ran 
on  the  same  machine  stand-alone.” 

To  share  hardware  with  the  host  operat¬ 
ing  system,  coLinux  does  not  access  I/O 
devices  directly  Aloni  says  coLinux  “inter¬ 
faces  with  emulated  devices  provided  by 
the  coLinux  drivers  in  the  host  operating 
system. . . .  All  real  hardware  interrupts  are 
transparently  forwarded  to  the  host  operat¬ 
ing  system,  so  this  way  the  host  operating 
system’s  control  of  the  real  hardware  is  not 
being  disturbed  and  thus  it  continues  to 
run  smoothlj/’ 

The  final  crucial  point  is  that,  “since 
coLinux  uses  the  same  binary  format  for 
user-space  executables  as  native  Linux, 
coLinux  can  load  and  run  an  existing  un¬ 
modified  Linux  distribution  concurrently 
with  the  host  operating  system.” 

In  other  words,  coLinux  is  really  Linux 
and  thus  becomes  a  remarkably  effective 
platform  for  learning  how  Linux  works  and 
for  running  those  cool  Linux-only  applica¬ 
tions  under  Windows. 

You  can  find  coLinux  at  www.colinux. 
org.  Download  the  installer  from  the  co¬ 


Linux  project’s  Sourceforge  site,  http:// 
sourceforge.net/project/showfiles.php7gro 
up_id=98788,  and  run  the  install  program. 

The  installation  process  is  simple,  but 
avoid  installing  coLinux  under  the 
“Program  Files”  subdirectory  (or  for  that 
matter  any  other  subdirectory  with  a  long 
name),  otherwise  you’ll  need  to  know  the 
subdirectory’s  short  name  when  you  get 
around  to  configuring  the  system. 

Once  you  have  coLinux  installed  you’ll 
need  a  Linux  distribution  root  image  — 
an  image  of  an  installed  distro  that’s 
stored  in  a  file.You  can  download  a  distro 
root  image  file  from  http://prdown- 
loads.sourceforge.  net/colinux/  —  we 
used  the  Debian  version. 

The  root  image  files  in  this  library  have  an 
extension  of  bz2,  as  they  are  compressed 
with  bzip2.You  can  decompress  these  files 
with  bzip2  (http://sources.redhat.com/ 
bzip2/)  orTUGZip  (www.tugzip.com). 

You’ll  need  to  create  a  swap  file  which 
you  can  download  as  a  bzip2  compressed 
root  image  from  http://gniarf.nerim.net/col 
inux/swap/  —  choose  a  version  that  is  the 
same  size  as  the  amount  of  RAM  you  plan 
to  allocate  for  coLinux  to  run. 

You  are  now  ready  to  edit  the  configura¬ 
tion  file  so  that  the  coLinux  loader  knows 
where  its  disk  devices  are  (really  Windows 
files),  which  swap  device  to  use  (again,  it’s 


a  Windows  file),  which  kernel  to  use,  how 
much  memory  to  use  (by  default  it  is  a 
miserly  64M  bytes),  and  how  networking  is 
set  up. 

To  get  networking  working  you  have 
three  choices:You  can  use  network  address 
translation,  enable  Windows  Connection 
Sharing  or  set  up  a  bridged  network  con¬ 
nection.  We  recommend  using  the  Win¬ 
dows  Connection  Sharing  configuration 
just  to  get  started. 

If  you  have  set  up  everything  right,  then 
open  a  command  window  in  the  coLinux 
subdirectory  and  enter  the  command: 

colinux-daemon.exe  -c  d:\progra~l 
\coLinux\colinux.default.xml 

You  should  see  the  coLinux  system  ini¬ 
tialize  and  whatever  distribution  you 
selected  should  load.  A  window  titled 
“Cooperative  Linux  Console”  should  open 
and  the  rest  of  the  boot  process  will  be  dis¬ 
played  until  finally  you  see“colinux  login:” 
to  which  the  answer  —  if  this  is  the  first 
time  you’ve  run  coLinux  —  should  be 
“root”  without  a  password. 

If  you  know  Linux,  enjoy  If  you  don’t,  then 
next  week  we’ll  delve  deeper  . . .  you  can 
shut  down  your  coLinux  with  “shutdown 
-h  noW’ 

Expostulations  of  joy  to  gearhead@ 
gibbs.com. 


Goolfools 

Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


A  canceled  flight,  big  crowds,  long  cab  lines  and  even 
lost  luggage  couldn’t  deter  my  enthusiasm  at  the 
2005  Consumer  Electronics  Show,  the  annual  trade 
show  that  gets  bigger  each  year.  Among  the  large  TVs 
(Samsung  was  showing  the  world’s  first  102-inch  TV 
screen),  digital  cameras  and  home  theater  speakers  were 
some  pretty  cool  network  and  storage  devices. While  some 
of  these  products  might  not  be  out  for  a  few  months,  the 
following  devices  and  technologies  got  me  pumped  up: 

•  SanDisk,  a  leader  in  the  portable  storage  market,  im¬ 
pressed  me  with  its  innovative  Secure  Digital  Flash  mem¬ 
ory  card  that  also  includes  built-in  USB  connectivity  Within 
the  form  factor  of  the  Secure  Digital  card  sits  a 
USB  connector,  eliminating  the  need 
for  a  Flash  card  reader.  For  exam-  k 

pie,  a  digital  camera  user  can  take  K 

the  Secure  Digital  card  out  of  the 
camera,  snap  open  the 
USB  connector  and 
insert  the  card  into  a 
USB  port  for  instant 
access  to  the  pho¬ 
tos.  Simply  amaz¬ 
ing.  SanDisk  says 
products  with  the 
new  design  will  be 
introduced  in  the  first 


SanDisk  merged  a  Secure  Digital  card 
with  a  USB  port.  Brilliant. 


Staying  happy  and  cool  at  CES 


quarter  of  this  year.  Storage  capacities 
are  expected  to  be  as  high  as  1G  byte 
for  the  new  card. 

•  Buffalo  Technology  continues  to 
raise  the  bar  with  some  of  its  prod¬ 
ucts,  and  this  year’s  CES  offerings 
were  no  different. 

It  was  hard  to  pick  one  favorite  from 
the  three  new  products  Buffalo 
launched:  an  802. 1  lg  wireless  version 
of  its  LinkStation  Network  Storage 
Center  (between  $350  and  $550, 
depending  on  storage  capacity, 
due  in  February),  a  lT-byte  (yes, 
terabyte)  network-attached  storage  (NAS)  system  (the 
TeraStation  HD-H1.0TGL/R5,  about  $1,300,  due  in 
February),  and  the  LinkTheater  high-definition  wireless 
media  player  (PC-P3WG/DVD,  $350,  due  in  February), 
which  not  only  streams  music  and  photos  wirelessly  from 
a  computer  to  a  TV  but  also  includes  a  DVD  player  and 
can  stream  Windows  Media  Video  high-definition  files. 

•  Archos  always  has  led  the  way  in  portable  media 
players  and  has  come  out  with  another  impressive 
device.  Its  new  Pocket  Media  Assistant  combines 
audio  and  video  playing  capabilities  with  a  wireless 
connection  (802.1  lb),  a  Linux  platform  and  person¬ 
al  information  management  features  such  as  a  cal¬ 
endar,  contacts  and  to-do  lists. 

The  PMA430  includes  an  LCD  touchscreen  and  30G- 
byte  hard  drive,  and  can  act  as  a  USB  host  for  attaching 
other  storage  peripherals.  For  example,  users  can  directly 
connect  their  digital  camera  to  the  device  to  transfer  pho¬ 
tos,  or  attach  a  USB-enabled  keyboard  and  use  the  device 


as  a  miniature  laptop  (at  least  for 
the  personal  information  manager 
functions).  The  wireless  connec¬ 
tion  provides  Internet  access  at 
public  hot  spots  and  other  wire¬ 
less  locations,  and  the  Linux  plat¬ 
form  allows  for  additional  applica¬ 
tions  (Archos  says  it  will  soon 
release  a  software  developer’s  kit 
for  the  device.)  The  Pocket  Media 
Assistant  is  expected  to  ship  by  the 
end  of  this  month  for  about  $800. 

•  Maxtor  has  entered  the  NAS 
market  with  its  Maxtor  Shared 
Storage  device  ($300  to  $400,  depending  on  storage  capac¬ 
ity  due  in  February),  which  connects  to  a  home  network 
and  provides  the  ability  to  store  and  share  all  a  user’s 
music,  photos,  videos  and  other  documents  among  all  of 
the  computers  on  a  network. 

While  NAS  is  not  a  brand-new  category,  marketing  it 
toward  consumers  is  new,  and  Maxtor  seems  to  have  done 
a  good  job  with  its  user  interface  (we  haven’t  tested  it  yet) 
to  make  installation  and  management  a  simple  task.  For 
example,  a  user  can  take  all  the  files  he  wants  to  transfer  to 
the  device,  and  the  system  will  automatically  sort  the  files 
by  file  type,  and  organize  them  in  different  files. 

We’ve  got  more  CES  coverage  online  —  head  to 
www.nwfusion.com,  DocFinder:  5432,  to  see  our  Giant  Big 
Box  of  CES  Fun,  and  the  CES  Report  on  Network  World 
Fusion  Radio,  highlighting  the  products  and  trends  from 
the  show. 

Shaw  can  be  reached  at  kshaw@nww.com. 


I  >3RCHOS 


Archos’  Pocket  Media  Assistant  plays  audio  and 
video,  and  acts  like  a  wireless  PDA. 
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Register  today  at  linuxworldexpo.com  for  your  FREE  Exhibit  Hall  pass. 


Linux.  Reliability.  Efficiency.  Cost  Savings.  If  you're  thinking  about  Linux  or  Open  Source,  the 
time  is  now.  And  LinuxWorld  Conference  &  Expo  is  where  you  need  to  be.  Expect  the  following 
cutting  edge  insights: 

•  Forward-thinking  Keynote  presentations  by  industry  thought  leaders  from  Novell,  HP,  Computer 
Associates,  and  MySQL. 

•  10  hours  of  FREE  educational  programming  on  everything  from  the  State  of  Linux  and  Open 

Source  technology  to  Linux  and  desktop  users.  w-  < 

•  The  world's  leading  hardware  and  software  vendors  as  well  as  the  hottest 
new  start-ups  giving  you  the  opportunity  to  evaluate  and  test  drive  the 
latest  technology. 

And  that's  only  the  beginning.  LinuxWorld  Conference  &  Expo  -  where  professionals  come  to  do 
business  better. 
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Toni  Kistner 

GES:  Slush  on 
ground,  slush 
in  the  market 


The  joke  at  this  year’s  Consumer  Electronics  Show  in 
Las  Vegas  was  inspired  by  the  freak  weather.  When 
cold  rain  switched  briefly  to  flurries,  people  started 
saying,“Look  at  that,  hell  really  does  freeze  over.” 

But  snow  in  Vegas  wasn’t  the  only  surprise.  Hiding  in 
plain  sight  amid  the  consumer  electronics  and  home  and 
vehicular  entertainment  vendors  were  button-down  busi¬ 
ness  vendors. When  I  asked  the  rep  from  Corda  Technol¬ 
ogies,  which  makes  data  presentation  (graphing)  software, 
why  his  company  was  there,  he  grinned  and  said, “Hoping 
to  see  you  here,”  meaning  Network  World. 

Others,  like  start-up  Anthology  Solutions,  tried  to  please 
everybody  with  its  new  Yellow  Machine,  a  1.6T-byte  network- 
attached  storage  box  with  an  eight-port  switch  that  does 
RAID  0, 1  and  5. When  1  asked  about  the  target  market,  the 
rep  said, “Oh,  this  box  is  perfect  for  small  offices,  corporate 
branch  offices, remote  offices  and  ...’’almost  as  an  after¬ 
thought, “for  home  entertainment  and  digital  pictures.” 

Vendors  weren’t  only  trying  to  target  every  segment  with 
one  product,  they  also  offered  products  for  every  segment. 
Everybody  for  example,  has  a  media  player.  Microsoft, 
which  puts  the  Media  Center  PC  at  the  heart  of  the  digital 
home,  showed  a  DVD-Recorder  built  on  Windows  CE  that 
it’s  co-developing  with  LG  Electronics.  A  DVD-R  from 
Microsoft?  Would  you  buy  a  plasma  TV  from  Dell? 

Zetera,  a  start-up  with  promising  IP-based  storage  tech¬ 
nology  that  scales  to  the  enterprise,  debuted  its  SANS 
box  first  for  consumers  and  small  offices  by  partnering 
with  Netgear.  Zetera  says  because  “the  technology  is 
unproven,”  it  wants  to  start  on  the  low  end  and  trickle  up. 
RAID  for  consumers? 

Another  prevalent  theme  was  the  idea  of  going  from 
“time  shifting” —  using  a  DVR  to  record  programming  to 
watch  when  you  want  —  to  “place  shifting” —  accessing 
home  network  content  from  a  portable  or  mobile  device 
such  as  a  handheld  player,  cell  phone  or  friend’s  PC.TiVo, 
Orb  Networks,  Sling  Media,  Archos  and  surely  others  have 
some  play  on  the  idea. 

Of  course,  for  place  shifting, you  need  digital  rights  man¬ 
agement  (DRM).But  between  Microsoft’s  Windows  Media 
DRM  10,  DTCP-IP which  is  supported  by  Intel  and  many 
CE  players,  and  RealNetworks’ Helix  DRM  10,  we’re  cov¬ 
ered.  And  most  agree  we  can  avert  a  DRM  standards  war 
by  including  enough  processing  power  in  player  devices 
to  support  them  all. 

If  nothing  else.CES  underscores  the  enormous  market 
opportunity  for  personal  technology  and  small  office/ 
home  entertainment  gear.  Savvy  business  vendors  will  fig¬ 
ure  out  a  way  to  ride  the  wave. 


—  Toni  Kistner 
Managing  Editor,  Net. Worker 
tkistner@nww.  com 


Too  good  to  be  true? 

It’s  nice  to  see  a  story  about  the  problems  with  spy¬ 
ware/adware  (“Test:  Enterprise-level  anti-spyware 
software,”  www.nwfusion.com,  DocFinder: 
5524).  However,  the  test  seems  too  positive. 

None  of  the  anti-spyware  products  I  use  on  a  daily 
basis  performs  at  the  level  described  in  the  test.  I  reg¬ 
ularly  use  Spybot  and  Ad-aware  and  used  to  use 
Spysweeper.  They  all  seem  to  be  good  at  catching 
some  spyware  and  poor  at  catching  others.  Each 
application  has  its  strengths  and  weaknesses,  and  in 
combination  they  catch  90%  of  the  spy- 
ware.  However,  when  I  do  manual  scans  of  the  reg¬ 
istry  and  file  system,  I  find  countless  remnants  left 
over.You  make  no  mention  of  the  fact  that  many  spy- 
ware  (some  strains  of  VX2,  for  example)  cannot  be 
removed  easily  by  these  applications. You  also  don’t 
mention  that  it’s  almost  always  a  requirement  to  go 
into  safe  mode  to  get  rid  of  many  of  them. 

I  consider  Spybot, Ad-aware  and  Spysweeper  to  be 
the  three  most  utilized  tools  on  the  Internet.  At  the 
very  least  I  expected  Ad-aware  to  get  a  mention  in 
your  test. You  give  Spybot  a  2  for  ease  of  use,  but  in 
the  test  you  state,  “Spybot  Search  &  Destroy’s  user 
interface  was  simple  and  intuitive.”  Your  rating  and 
text  do  not  jibe.  And  how  in  the  world  does  each  util¬ 
ity  get  a  5  for  identification  and  removal?  As  I  said,  I 
have  yet  to  see  any  anti-spyware  utility  that  is  perfect 
at  removing  spyware. 

Brian  Leach 
Principal 

Bluewater  Consulting  Services 
Huntington  Beach,  Calif. 

Test  author  Barry  Nance  replies:  realize  spyware  can 
be  difficult  to  remove  from  a  PC.  In  our  tests,  the  prod¬ 
ucts  did  a  good  job  of  detecting  and  removing  the  20 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 1 8  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


candidate  spyware  instances.  However,  we  empha¬ 
sized  in  the  review  the  number  of  spyware  definitions 
for  each  product  to  give  readers  a  perspective  on  the 
sheer  volume  of  spyware  instances. 

One  criterion  kept  some  vendors  out:  We  wanted  to 
look  at  products  that  offer  a  central  console  network 
administrators  can  use  to  direct,  update  and  control 
client  activity.  Ad-Aware  lacks  such  a  central  console. 
And  Spybot  rated  lower  in  the  ease-of-use  category, 
despite  its  intuitive  interface,  because  it  didn 't  have  a 
strong  central  console  feature. 

Finally,  we  invited  virtually  every  anti-spyware  ven¬ 
dor  to  participate.  For  a  variety  of  reasons,  many  de¬ 
clined.  At  the  time  we  did  the  review,  Computer  Associ¬ 
ates  and  Pest  Patrol  were  deep  in  negotiations  regard¬ 
ing  the  sale  of  the  software  to  CA  and  thus  were  too 
busy. 

Fighting  spam 

Thanks  for  the  great  job  on  testing  anti-spam  soft¬ 
ware  (DocFinder  5525).  I  am  in  the  middle  of  such 
a  project  right  now,  and  your  testing  has  saved  me 
hours  of  research  and  testing  on  my  own. 

Marietta  Walker 
Technology  development  manager 
Information  Services 
Central  Missouri  State  University 
Warrensburg,  Mo. 

Your  test  on  anti-spam  products  is  comprehensive 
but  not  exhaustive,  because  it  does  not  include  any 
open  source  products.  Two  of  the  best  open  source 
products  are  SpamAssassin  (DocFinder  5526)  and 
DSpam  (DocFinder:  5527).  It  would  be  interesting  to 
see  how  these  two  products  stand  up  to  the  best-of- 
breed  commercial  products  you’ve  tested. 

Vmu  Moses 
Department  of  Radiology 
Christian  Medical  College 
Tamil  Nadu,  India 


More  online!  www.nwftision.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder:  5523 
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SECURITY  CHECK 

Robert  Gezelter 


How  ISPs  can  defend  their  customers 


The  ISP  and  user  communities  exemplify  what  can  be  accom¬ 
plished  when  people  work  together.  Many  of  the  worm  and  virus 
outbreaks  of  the  past  few  years  were  contained  and  eliminated 
only  by  the  unsung  cooperation  of  ISP  staffs  throughout  the  world. 

In  my  column,  “Stopping  spoofed  packets  can  cut  down  on  DDoS 
attacks”  (www.nwfusion.com,  DocFinder:  5522),  I  noted  that  ISPs  can 
prevent  forged  traffic  by  taking  responsibility  for  enforcing  straightfor¬ 
ward  rules  on  traffic  that  originates  from  their  customers.  These  rules 
are  safe  for  the  simple  reason  that  traffic  should  only  be  entering  an 
ISP’s  network  with  valid  source  and  destination  addresses. 

The  cooperation  between  ISPs  has  been  as  exemplary  as  it  has  been 
consensual.The  question  is  not  what  happens  when  ISPs  cooperate;  the 
truly  important  question  is  what  happens  when  they  do  not. 
Specifically  what  happens  when  an  ISPparticuiarly  an  ISP  in  a  different 
country  ignores  or  refuses  to  cooperate  to  stop  abusive  traffic?  If  an 
overseas  ISP  will  not,  or  cannot,  deal  with  the  user  generating  the  traf¬ 
fic,  what  actions  are  possible? 

The  international  transportation  and  financial  trading  systems  pro¬ 
vide  real-world  models  for  dealing  with  correspondents  that  cannot 
ensure  the  integrity  of  their  transactions.  In  both  industries,  the  inter¬ 
mediary  is  required  to  bear  responsibility  for  the  integrity  of  the  trans¬ 
action.  Stockbrokers  are  required  to  “make  good”  on  stock  trades,  and  if 
an  airline  passenger  does  not  have  required  documentation,  the  carri¬ 
er  is  responsible  for  returning  him  to  his  point  of  embarkation. 

In  the  case  of  Internet  traffic,  the  solution  to  abusive  traffic  is  straight¬ 
forward.  If  an  ISP  passes  abusive  traffic  to  its  fellow  ISPs  and  refuses  to 
address  the  problem  on  an  ongoing  basis,  then  perhaps  the  ISP  merits 


the  ultimate  imposed  solution:  disconnection.  Disconnection  provides 
a  highly  specific  countermeasure  to  an  ongoing  pattern  of  abusive  traf¬ 
fic,  which  is  consistent  with  today’s  hierarchical,  international  Internet. 
It  encourages  ISPs  to  be  responsible  for  responding  to  reports  of  prob¬ 
lems  with  usage  originating  from  within  their  networks.  It  correctly 
encourages  higher-level  ISPs  to  respond  to  problems  originating  with 
their  retail  resellers. 

There  is  no  reason  for  the  receiving  ISP  to  dissipate  its  bandwidth  and 
customer  resources  on  attack  traffic.  Make  no  mistake,  while  low-grade 
abusive  traffic  might,  on  a  site-by-site  basis,  be  insignificant,  it  does  take 
up  network  bandwidth  en  route  and  complicates  Web  site  manage¬ 
ment.  It  might  lack  the  intensity  of  a  full-scale  distributed  denial-of-ser- 
vice  (DDoS)  attack,  but  in  the  aggregate  it  is  no  less  an  attack. 

Bogus  HTTP  requests  are  bogus  HTTP  requests,  regardless  of  their 
point  of  origin.  One  million  bogus  requests  from  1 ,000  different  sites  is 
a  DDoS  attack,  plain  and  simple.  Spreading  out  the  attack  over  more 
sites  merely  spreads  out  the  pain;  the  overall  damage  remains  the 
same. 

Requiring  all  affected  end  users  to  deal  with  such  abusive  traffic  is 
inefficient,  unwieldy  and  unmanageable.  Presenting  ISPs  with  the 
option  of  preventing  abuse  or  facing  disconnection  deals  with  the 
problem  at  its  point  of  origin  rather  than  at  its  destination,  at  lower  over¬ 
all  cost  to  the  community 

Gezelter  is  a  network  security  consultant  and  a  contributor  to  “The 
Computer  Security  Handbook,  4th  Edition." He  can  be  reached  via  his 
Web  site  at  www.rlgsc.com. 
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REAUTY  CHECK 

Thomas  Nolle 


Managed  services:  The  way  of  the  future 


1  ith  profits  on  long-haul  voice  and  data 
declining  at  double-digit  rates,  carriers 
are  looking  to  boost  the  bottom  line 
via  managed  services  that  bundle  equipment, 
support  and  transmission  into  one  package. 
As  a  result,  there’s  a  good  chance  there’s  a 
managed  service  in  your  future,  mostly 
because  you  may  not  have  much  choice. 

The  classical  justification  for  buying  a  carrier-managed  service  is  that 
the  cost  of  supporting  private  networks  is  growing  —  from  less  than 
20%  of  total  network  cost  in  the  early  1980s  to  almost  45%  today  Most 
carriers  have  had  some  success  with  their  managed  offerings,  but  less 
than  they’d  hoped.  Large  companies  historically  have  preferred  to  sup¬ 
port  their  own  networks,  and  small  businesses  are  too  small  for  carriers 
to  make  much  money  on. 

However,  2005  might  be  the  year  when  the  real  justification  of  man¬ 
aged  services  emerges  —  the  justification  that  the  user  doesn’t  have 
any  choice,  because  the  carriers  phase  out  legacy  offerings.  What  will 
happen  is  that  services  are  going  to  polarize  into  a  low-cost,  low-touch, 
high-capacity  commodity  and  a  higher-touch  managed  service.  A  lot  of 
the  traditional  services  will  be  squeezed  out  completely  or  more  accu¬ 
rately  absorbed  into  managed  services. 

Let’s  take  VPNs  for  an  example.  What  do  buyers  like  about  a  VPN?  Its 
low  cost,  hardly  the  attribute  a  carrier  wants  to  promote  if  that  same  car¬ 
rier  is  selling  the  user  the  service  the  VPN  is  intended  to  replace.  But 
suppose  we  wrap  up  VPN  services  into  a  managed  service  framework, 
including  customer  premises  equipment  and  support?  Now  there  are 
service  features  to  promote,  which  the  carriers  hope  will  help  keep 
prices  from  falling  too  much. 

In  fact,  managed  service  strategies  like  this  could  actually  promote 
the  notion  of  convergence.  If  a  carrier  sells  a  user  a  managed  service 
based  on  frame  relay  it  can  ease  traditional  frame  relay  infrastructure 
out  of  the  picture  simply  by  replacing  the  interior  service  with  a  VPN. 


Remember,  in  a  managed  service  the  service  demarcation  is  the  port 
or  LAN  side  of  the  access  router,  so  the  buyer  wouldn’t  really  “see”  the 
interior  network  service  at  all.  Because  VPNs  are  likely  to  be  cheaper  to 
deploy  than  frame  relay  the  carrier  could  use  the  cost  reduction  to 
boost  profit.  Thus,  instead  of  losing  money  by  promoting  a  frame-to- 
VPN  migration,  carriers  could  make  money. 

The  goal  of  this  kind  of  substitution  isn’t  to  generate  obscene  profits  or 
pick  buyers’  pockets.  It’s  to  keep  profit  margins  at  survivable  levels. What’s 
going  to  happen  is  that  managed  service  pricing  will  stabilize  at  some 
thing  like  traditional  pricing  for  frame  relay  or  ATM.  Carriers  will  switch 
to  IP  infrastructure  to  lower  service  costs,  thus  raising  margins. 

So  what  happens  to  traditional  non-managed  services?  They  gradual¬ 
ly  disappear,  except  for  some  very  high-capacity,  point-to-point  options 
such  as  wavelength  services.  Big  companies  will  be  able  to  buy  fat  bit 
pipes  at  a  low  cost  per  bit  for  their  “thicker?  or  higher-traffic  routes,  but 
will  use  managed  services  for  their  thin  routes. 

The  managed  service  model  is  also  a  way  to  get  carriers  deeper  into 
application  networking.  A  managed  service  can  be  augmented  with 
grid  computing,  storage  hosting  and  application  hosting  more  easily 
than  a  service  based  on  point-to-point  connections  because  the  inside 
structure  of  the  network  is  “virtual”  and  user  sites  can  be  supplemented 
by  carrier-owned  sites  that  provide  user  services.  In  fact,  it  may  be  that 
managed  services  are  the  fast  track  to  application  services  in  general. 

Don’t  expect  this  to  happen  overnight.The  carriers  don’t  want  to  pull 
the  rug  out  from  under  legacy  data  services  while  user  demand  is  still 
high,  so  the  first  step  is  validating  a  managed  service  model.  Look  for 
2005  offerings  in  the  managed  services  area  to  be  cheaper  and  more 
sophisticated,  and  look  for  your  carrier  to  be  pushing  these  offerings 
more  vigorously  They’re  not  only  the  way  of  the  future;  they  may  well 
be  the  only  future. 

Nolle  is  president  of  CIM1,  a  technology  assessment  firm  in  Voorhees, 
N.J.  He  can  be  reached  at  (856)  753-0004  or  tnolle@cimicorp.com. 
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The  vast  majority  of  attacks,  including  automated  worms,  are 
P  performed  against  known  vulnerabilities  that  have  patches  available. 

V.IDC,  October  2004 


Over  90%  of  security  exploits  are  carried  out  through 
vulnerabilities  for  which  there  are  known  patches. 

- 


Consistently  top-ranked  by  experts,  analysts  and  decision  makers,  PatchLink  Corporation  delivers 
best-of-class  patch  management  enterprise  security  and  system  management  solutions.  PatchLink 
has  been  the  definitive  patch  management  leader  since  1991.  Today,  thousands  of  companies 
around  the  world  depend  on  PatchLink  for  vulnerability  assessment,  remediation,  and  critical  patch 
updates  for  millions  of  nodes.  Go  with  the  leader,  PatchLink  -  The  Patch  Management  Experts. 
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The  Patch  Management  Experts 


Ask  any  IT  exec  to  name 
their  top  three  headaches, 
and  patch  management  is 
sure  to  be  on  the  list.  The 
good  news  is  that  automat¬ 
ed  tools  are  now  available 
from  a  growing  number  of 
vendors.  In  this  Technology 
Insider,  leading-edge  users 
describe  their  transition 
from  manual  to  automated 
patching. 


Successful  patch  management  requires  planning,  processes,  testing, 
integration  of  multiple  security  tools. 

Automated  tools  help, 
but  don't  cure  all  patch  ills 


TESTING-BASED 

ANALYSIS 

Network  World  Lab  Alliance 
member  Mandy  Andress  says 
patch  management  products 
are  evolving  toward  multi¬ 
function  tools  that  can  handle 
tasks  such  as  vulnerability 
assessment  and  configuration 
management.  Page  44. 

NEWS  ANALYSIS 

This  promises  to  be  the  year 
in  which  Microsoft  disrupts 
the  patch  management  mar¬ 
ket  with  a  free  tool  called 
Windows  Update  Services. 
Page  46. 

CLEAR  CHOICE  TEST 

We  tested  a  beta  version  of 
Windows  Update  Services  and 
found  that  it’s  a  viable  enter¬ 
prise  product  for  Windows¬ 
centric  shops.  Page  46. 


BUYER’S 

GUIDE 

Our  online  Buyer’s  Guide 
features  the  latest  patch 
management  information 
on  24  products  from  21  ven¬ 
dors.  Check  out  the  latest 
offerings  online. 
www.nwfusion.com, 
DocFinder:  5531 


■  BY  JEFF  VANCE 

Davidson  Healthcare  in  Lexington,  N.C.,  got  a  wake-up  call  recently  when  a  vulnerability 
scan  discovered  that  the  network  was  missing  more  than  4,000  cumulative  patches  on  its  30 
servers  and  500  workstations. 


“I  had  this  bad  feeling  about  those  patches,”  says  Kevin  Buchanan,  who  runs  Davidson’s  10-person  IT  department. “The 
problem  was  that  we  couldn’t  keep  up  with  the  volume  of  Microsoft’s  patches.They  were  releasing  them  way  too  often, 
there  were  too  many  of  them,  and  a  staff  like  ours  had  no  way  to  manage  this. Yet  if  we  didn’t,  we  knew  we’d  be  at 
risk.” 

Buchanan  quickly  secured  funding  for  automated  patch  management  software  from  Shavlik  Technologies. 

Adam  Hansen,  manager  of  security  at  Chicago  law  firm  Sonnenschein  Nath  &  Rosenthal,  has  a  similar  tale. 

With  nearly  2,000  servers,  desktops  and  laptops  spread  across  1 1  U.S.  offices,  Hansen  knew  his  firm  had  to  get 
an  automated  patching  solution,  and  quick. 

“About  a  year  and  a  half  ago,  this  all  came  to  a  head,”  Hansen  says. “We  did  a  vulnerability  assessment  and 
found  we  were  only  about  15%  in  compliance  in  terms  of  patching.”  He  began  looking  for  something  that 
could  automate  patching  and  provide  real-time  reporting. 

Sonnenschein  Nath  &  Rosenthal  went  with  PatchLink,  another  of  the  pure-play  patch  vendors  that  were  first 
to  market  with  automated  patch  tools. 

“The  old  way  of  doing  things,  deploying  patch  by  patch,  is  not  effective  in  the  long  term,”  Hansen  says. 

There’s  widespread  agreement  on  that  point  among  enterprise  IT  executives,  analysts  and  vendors.  Any  lag 
between  detecting  a  vulnerability  and  correcting  it  leaves  an  organization  open  to  attack.  And  with  their  own 
set  of  automated  tools,  hackers  can  strike  almost  as  soon  as  new  vulnerabilities  are  discovered. 

But  users  are  finding  that  even  with  automated  patch  management  tools,  patching  can  be  a  complicated,  labo¬ 
rious  and  often  problem-causing  process  because  patches  have  been  known  to  break  applications. 

First  things  first 

According  to  Meta  Group  analyst  Peter  Firstbrook,the  first  step  is  a  network  assessment.“My  biggest  piece  of  advice 
to  customers  evaluating  patch  management  solutions  is  to  take  a  step  back  and  evaluate  your  own  organiza¬ 
tion  first,”  Firstbrook  says.“So  much  of  what  has  to  be  done  is  process  and  procedure.” 

Even  the  best  tools  won’t  save  you  if  you  don’t  have  the  right  processes  in  place  and  the  peo¬ 
ple  and  computing  resources  to  back  them  up, 
he  adds. 

Davidson  used  to  patch  machines  when  they 
needed  to  be  serviced  or  when  a  new  image  was 
pushed  out.  Now  the  patching  is  an  ongoing  part  of 
IT  maintenance,  typically  performed  in  off-peak 
hours,  Buchanan  says. 

The  patching  path  not  taken 

The  issue  for  IT  executives  is  not  whether  to  auto¬ 
mate,  but  which  product  to  buy  There  are  the  pure- 
play  patch  products  from  Shavlik,  PatchLink  and 

others. There  are  patch  tools  that  are  part  of  larger  software  suites  that  include 
life-cycle  management, change  management, security  management  and  config¬ 
uration  management.  Plus,  there  are  Windows-only  tools  from  Microsoft. 

Angela  Triola,  an  infrastructure  analyst  at  ENT  Federal  Credit  Union  in 
Colorado  Springs,  tackles  patching  with  Enterprise  Configuration  Manager 
(ECM)  from  Configuresoft.ECM  performs  a  variety  of  functions,  including  vul¬ 
nerability  assessment,  change  management,  compliance,  remediation  and 
patching.Triola  says  everything  from  finding  patches  to  testing  to  deployment 
to  verification  has  now  become  manageable. 

“We  rely  heavily  on  Microsoft, "Triola  adds, “so  the  fact  that  Configuresoft 


Patch  management 


works  well  with  Microsoft  was  very  important  to  us.”  She 
says  that  Microsoft’s  own  patching  advances,  including 
the  forthcoming  Windows  Update  Services  (WUS)  patch 
management  software, will  not  change  the  need  for  third- 

party  tools. 

Other  IT  professionals  agree.  “Essentially,  even  with 
[Software  Update  Service] ,  WUS  or  [Systems  Management 
Server],  you’re  still  taking  a  patch-by-patch  approach,” 
Hansen  says.  “You  still  need  the  entire  platform  to  see  this 
through  from  start  to  finish.” 

Hercules  provides  patching  power 

At  Sonnenschein  Nath  &  Rosenthal, Hansen  has  migrated 
from  PatchLink  to  Citadel’s  Hercules,  which  performs  net¬ 
work  discovery  vulnerability  assessments  and  ongoing 
compliance  audits. 

“What  I  like  about  Hercules  is  that  it  frees  you  from  wor¬ 
rying  about  the  finegrained  details  of  patching. You  define 
a  baseline,  and  it  becomes  the  product’s  responsibility  to 
get  your  network  devices  in  step,”  Hansen  says.“We  needed 
a  solution  that  did  more  than  just  pushing  patches,  which 
is  what  a  lot  of  products  on  the  market  do.” 

Hansen  says  he  likes  Hercules’  strong  reporting  and 
policy-enforcement  features,  which  he  argues  are  essential 
to  any  successful  patching  strategy  “Even  if  a  properly 
patched  image  is  pushed  out  to  a  new  server  or  desktop, 
who’s  to  say  that  something  doesn’t  get  changed  along  the 
way  a  vulnerable  port  opened,  an  unpredictable  service 
turned  back  on?”  Hansen  asks. 

An  agent-based  solution,  Hercules  keeps  tabs  on  those 
devices,  noting  any  deviation  and,  if  the  vulnerability 
warrants  it,  quarantining  devices  that  are  not  compliant. 
With  more  mobile  devices  entering  the  network,  this  fea¬ 
ture  is  critical. 

Hansen  says  Hercules  enables  a  lightning-quick  response 
to  vulnerabilities,  with  most  of  the  patches  tested  and 
pushed  out  in  less  than  24  hours.  Moreover,  even  with  a  large 
mobile  user  base,  the  firm’s  patch-compliance  ratio  is  close 
to  80%,  with  the  network  getting  more  airtight  each  day 

The  process  of  integrating  Hercules  wasn’t  problem-free, 
however. “We  had  issues  with  getting  the  Hercules  agent  to 
work  with  certain  images,  but  Citadel’s  customer  support 
was  responsive  and  worked  with  us  to  resolve  those  issues,” 
Hansen  says. 

EDS  opts  for  Opsware 

Larry  Lozon,  the  vice  president  of  hosting  services  at 


Electronic  Data  Systems  (EDS),  has  70,000  distributed 
servers  and  a  massive  number  of  other  devices.  Not  only 
that,  but  EDS  also  now  requires  that  any  device  that  enters 
its  network  must  have  end-to-end  configuration  and  patch 
management. 

EDS  turned  to  data  center  automation  vendor  Opsware, 
which  provides  server  management,  provisioning,  configu¬ 
ration,  change  management  and  patch  management. 
Lozon  adds  that  the  next  problem  on  EDS’  patch  and  con¬ 
figuration  management  radar  screen  is  mobile  devices. 

Patch  payoffs 

The  payoff  from  patch  management  tools  can  show 
up  almost  immediately.  According  to  Davidson,  it  real¬ 
ized  ROI  with  a  single  patch  cycle. “If  you  consider  our 
previous  process,  where  we  had  two  technicians  walk¬ 
ing  from  machine  to  machine  and  patching  manually, 
the  cost  of  the  Shavlik  product  was  equal  to  what  their 
salaries  would  have  been  during  that  period  of  time,” 
Buchanan  says. 

Another  Shavlik  customer,  Indiana  University,  agrees.“The 
cost  savings  was  so  immediate  and  obvious,  that  we  didn’t 
even  bother  to  quantify  it  in  order  to  justify  the  purchase,” 
says  Jim  Kippenbrok,  manager  of  local  support  provider 
services  for  the  Bloomington  school. 

Hansen  estimates  that  Citadel’s  Hercules  saved  about  the 
equivalent  of  a  midtier  full-time  IT  employee’s  salary  or 
about  $60,000.  ‘And  this  doesn’t  include  the  savings  in 
terms  of  reduced  risk,”  Hansen  adds. 

Automation  is  the  way  to  go 

Customers  say  they’re  generally  happy  with  their  patch¬ 
ing  tools,  but  there  are  still  issues  of  concern,  such  as  the 
ever-shrinking  window  between  when  a  patch  is  issued 
and  when  it  needs  to  be  deployed,  the  need  for  good  inter¬ 
nal  testing,  interoperability  issues,  the  importance  of  nail¬ 
ing  down  a  workable  patch  cycle  and  the  occasional  cus¬ 
tomer  service  problem. 

Because  many  companies  have  homegrown  or  niche 
applications  running  in  a  mission-critical  capacity  the 
patching  vendor  must  work  with  them  to  ensure  that  the 
patches  won’t  cause  more  harm  than  good. 

However,  when  assessing  the  risk  of  not  patching,  most 
customers  agree  that  patches  have  become  so  stable  that 
the  risk  of  leaving  a  vulnerability  unchecked  vastly  out¬ 
weighs  any  interoperability  risks. 

“Let  me  go  out  on  a  limb  here  and  say  that  if  you  are  an 


7steps 

for  an  effective  patch 
management  process 

1.  Learn  what  is  on  your  network  via  a 
scanning  or  network-discovery  tool  (which  are 
often  provided  in  patch  management  suites). 

2.  Prioritize.  Understand  the  criticality  of 
patching  in  terms  of  business  risks. That  is,  if 
assets  aren’t  terribly  critical  on  a  particular 
desktop,  address  that  device  only  after  your 
mission-critical  assets  have  been  protected. 

3.  Allocate  the  computing  resources  and 
people  needed  to  effectively  handle  the  task. 

4.  Determine  an  appropriate  workflow  for 
patching;  that  is,  attempt  to  patch  during  off- 
peak  hours  when  normal  business  flow  won’t 
be  disrupted. 

5.  Find  an  automated  method  for  pushing  out 
patches  to  your  network  devices. 

6.  Utilize  reporting  and  validation  tools.  If  you 
can’t  verify  that  your  devices  have  been  prop¬ 
erly  patched, you  can’t  be  sure  you  are  secure. 

7.  Repeat  this  process  as  part  of  your  larger  IT 
security  and  management  process. 


IT  manager  and  you  ignore  patch  management,  you  are 
negligent,”  Buchanan  says. 

Vance  is  a  freelance  technology  writer  and  the  president  of 
Sandstorm  Media  (www.sandstormmedia.net).  He  focuses 
on  trends  in  wireless  communications ,  next-generation  net¬ 
working,  security  and  Internet  infrastmcture.  He  can  be 
reached  at  jeff@sandstormmedia.net. 
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m  ■■  ven  the  best  automated  patching  system  is  only 
■■  one  facet  of  an  enterprise  security  strategy.  Even 
Kas  if  your  organization  has  an  effective  patch  man¬ 
agement  process  in  place,  it  doesn't  mean  that  you’re 
vulnerability-free.  There  is  always  a  lag  between  when 
a  vulnerability  is  first  discovered  and  when  the  patch  is 
released.  Moreover,  once  the  patch  is  released,  yet 
another  lag  exists  while  an  organization  tests  and  rolls 
||y|  out  the  patch. 

This  being  the  case,  many  security  vendors  on  the 
patch  management  periphery  argue  that  patching 
Iflf  must  work  in  concert  with  other  defense  mecha- 

a  o  sms,  such  as  vulnerability  scanners  and  intrusion- 
prevention  systems  (IPS). 

“A  patch  cycle  across  a  large  enterprise  can  take 
lyp  several  months,"  says  Andre  Yee,  president  and  CEO 
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of  NFR  Security,  an  IPS  provider.  “Automation  eases 
this,  but  a  big  part  of  patching  is  still  the  procedures 
involved  in  evaluating  your  network  inventory,  applying 
the  patch,  and  then  verifying  that  the  patching  has 
been  successful." 

Zero-day  attacks  are  the  most  obvious  pitfall  of 
relying  too  heavily  on  patching,  but  as  security  com¬ 
panies  further  automate  patching,  so  too  do  hackers 
automate  their  attacks  —  thus  creating  a  kind  of 
arms  race. 

Many  of  these  new  attacks  are  self-propagating. 
Sobig,  for  instance,  had  a  built-in  SMTP  engine.  "I 
never  want  to  be  quoted  as  arguing  against  patch¬ 
ing,”  Yee  says.  “It  is  necessary  but  insufficient. 

What  is  needed  is  some  sort  of  real-time  threat 
prevention.” 


For  certain  industry  sectors,  such  as  healthcare 
and  financials,  there  is  also  a  greater  need  for  test¬ 
ing  before  patching.  “Today's  patching  problems 
extend  way  beyond  patch  availability,”  says  Joseph 
Cooper,  chairman  and  CEO  of  Digital  Defense,  a 
provider  of  network  vulnerability  tools.  "We  all  know 
that  eventually  patches  will  be  made  available,  but 
what  if  you  can’t  utilize  them?  What  if  the  patch 
your  IT  department  installs  takes  down  your  entire 
online  banking  system  or,  even  worse,  the  only  MRI 
machine  available  at  your  local  hospital?” 

IT  managers  have  to  make  tough  choices  when  it 
comes  to  patching  business-critical  applications,  but 
in  the  end,  it's  all  about  managing  risk.  Patching 
reduces  risk  but  not  to  zero. 

—  Jeff  Vance 


Can  you  keep  up  with 

security  threats  and  patches? 


With  LANDesk®  Patch  Manager, 
you  can. 
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Hackers,  worms,  and  viruses  know  your  biggest  weakness.  It’s  your  time. 
Especially  when  it  comes  to  endless  software  updates  and  OS  patches.  They  know 
you’re  busy  enough  without  having  to  check  every  desktop,  handheld,  and  server  for 
the  latest  update. 

Fortunately,  LANDesk®  Patch  Manager  does  the  work  for  you.  It’s  an  integrated  solution 
that  automates  the  process  by  actively  scanning  everything  on  your  network  and 
identifying  vulnerabilities.  Ease  patch  management  pain  and  make  time  your  greatest  asset 
with  LANDesk  Patch  Manager. 

To  learn  how  to  automate  your  patch  management,  visit  landesk.com/go/patch. 
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Patch  management 


It’s  all  about  control  of  the  software  agent  sitting  on  the  desktop. 


Patch  management  start-ups 
face  pressure  from  all  sides 


■  BY  MANDY  ANDRESS 


Pure-play  vendors  such  as  Shavlik  Technologies,  BigFix  and  PatchLink  got  off  to  an  early 
lead  in  the  patch  management  game,  but  many  established  security  vendors  are  adding 
patching  to  their  arsenals.This  means  more  choices  for  users,  and  it  means  the  pure-play 
leaders  need  to  adapt  quickly  to  the  trend  toward  multipurpose  tools. 


While  software  should  be  developed  with  a 
focus  on  minimizing  security  issues  in  the 
first  place,  the  reality  is  that  you’ll  always 
need  to  understand  what  is  running  in  your 
environment  and  have  the  ability  to  deploy 
updates  quickly  and  easily. 

And  the  need  for  patch  management  grows 
stronger  every  day.Virus/worm/Trojan/phish- 
ing  technology  is  only  getting  more  sophisti¬ 
cated,  probing  for  vulnerabilities  in  e-mail, 
Web  browsers,  instant  messaging,  file  sharing 
and  the  like. 

A  company  only  needs  to  be  brought  to  its 
knees  once  with  an  infection  to  understand 
the  importance  of  patching.  Personal  fire¬ 
walls,  intrusion  prevention,  and  other  mitigat¬ 
ing  controls  can  be  implemented,  but  patch¬ 
ing  is  the  only  way  to  get  to  the  root  of  the 
problem. 

The  patching  landscape 


The  patch  management  life  cycle 

Opsware’s  vision  of  patch  management  for  data  center 


servers. 


©  Ensure  the  vulnerable 
is  not  reintroduced  for 
reprovisioned,  upgraded 
or  reconfigured 
systems. 


©  Automatic  download 
of  patch  content 
from  vendor  sites. 


© 

reporting  and 
security  audit. 

©  Distribute  and  install 
patches  including 
verification  of  patch 
compatibly  and 
appropriateness  for  target  servers. 


©  Set  patch  policy 
and  enable  global 
policy  setting. 


©  Identify  vulnerable  servers 
Identification  J  across  multiple  data  centers 
and  remote  locations. 


•  First  of  all,  operating  system  vendors  are  providing 
products  focused  on  their  individual  platforms. 
Microsoft  released  Software  Update  Service  (SUS)  and 
has  the  next-generation  Windows  Update  Services 
QNUS),  in  beta  (see  test,  page  45).  RedHat  has  added  a 
patch  management  offering  for  its  enterprise  products, 
although  it  is  a  bit  pricey. 

Microsoft  is  quickly  gaining  ground  in  this  area,  espe¬ 
cially  because  its  tools  are  free.  As  functionality  contin¬ 
ues  to  evolve  in  WUS,  some  companies  are  having  a 
hard  time  justifying  the  cost  of  the  current  pure-play 
patch  management  products  when  they  can  get  similar 
functionality  at  no  charge. 

But  most  companies  are  not  a  one-shop  environment, 
so  they  are  implementing  one  patch  management 
process  for  Windows,  one  for  Linux  and  a  third  for 
Solaris.This  is  not  ideal, so  many  are  looking  for  a  patch 
management  solution  that  provides  cross-platform 
support. 

*  Asset/configuration  management  companies  are 
realiy  taking  charge  of  the  patch  management  arena. 
They  are  in  the  ideal  position  because  they  already  have 
agents  running  on  all  managed  systems  and  have 
access  to  see  what  is  installed  and  configured.  Add 
some  functionality  for  identifying  missing  patches,  plug 
that  in  to  the  software  deployment  mechanism,  and  a 


new  patch  management  module  is  born. 

Altiris,  Configuresoft  and  LANDesk  are  a  few  of  the 
heavy  hitters  in  this  area. 

•  Vulnerability  assessment  products  also  are  joining 
the  fray  They  can  identify  missing  patches  on  a  system; 
they  just  need  to  add  a  deployment  mechanism.  Citadel 
(see  recent  test  results  at  www.nwfusion.com, 
DocFinder  5528)  already  fills  this  gap,  taking  assess¬ 
ment  results  and  providing  remediation  actions. 
Visionael  also  has  a  remediation  module  for  its  vulnera¬ 
bility  assessment  product.  At 
this  point,  1  don’t  see  vulnera¬ 
bility  assessment  products 
becoming  the  primary  patch 
management  product  in  a 
company,  but  they  will  be 
used  mainly  as  a  central  point 
of  remediation. 

Network  access/endpoint 
security  and  compliance 
products  are  beginning  to 
mature,  though,  and  they  offer 
similar  functionality  focusing 
on  deploying  patches  to  sys¬ 
tems  that  don’t  adhere  to  the 
defined  corporate  standard. 


InfoExpress  CyberGateKeeper  will  deploy  patches  to  a 
system  before  allowing  network  access. 
SecurityProfiling  SysUpdate  watches  systems  and  pro¬ 
vides  remediation  options,  including  patch  deployment, 
for  out-of-compliance  systems. 

Then  there  are  the  major  management  suite  vendors 
—  Computer  Associates,  for  example,  offers  patch¬ 
ing  as  part  of  its  eTrust  Vulnerability  Management 
solution. 

Faced  with  all  this  competition,  pure-play  ven¬ 
dors  need  to  focus  on  integration,  adding  func¬ 
tionality  for  vulnerability  assessment  and  asset 
management. 

Customers  are  becoming  increasingly  frustrated 
with  having  three  products  to  perform  these  activ¬ 
ities  when  it  makes  more  sense  to  have  one  agent 
on  the  system.  From  a  support  perspective,  deter¬ 
mining  which  agent  is  causing  problems  is  a 
nightmare,  as  vendors  usually  point  to  the  other 
direction  when  trying  to  troubleshoot  an  issue. 

Convergence  will  occur.  Security  is  an  integral 
component  to  the  basic  operation  of  an  organiza¬ 
tion,  and  companies  can  no  longer  ignore  the 
inevitable.  They  must  have  an  infrastructure  in 
place  to  define  a  base  standard,  identify  gaps  in 
this  standard  on  systems  in  the  field  and  deploy 
software. 

The  pure-play  vendors  took  advantage  of  the  gap 
not  being  filled  by  existing  management  software  and 
created  patch  management-focused  products,  but  the 
asset  management  companies  are  catching  up  quickly 
In  the  end,  the  focus  will  be  on  controlling  the  agent 
that  runs  on  the  computer.  This  could  be  an  asset  man¬ 
agement  product  that  provides  patch  management 
functionality  or  a  patch  management  product  that  has 
branched  out  to  asset/configuration  management. 
Either  way,  the  ideal  is  one  agent  on  each  system  that 
serves  a  role  in  asset  tracking,  software  updates,  vulnera¬ 
bility  assessment  and  policy 
enforcement. 

I  still  see  a  role  for  separate 
compliance  or  vulnerability 
assessment  and  remediation 
products  because  organiza¬ 
tions  need  to  maintain  segre¬ 
gation  of  duties  and  still 
need  to  address  point  reme¬ 
diation  instances.  Plus,  based 
on  the  results  of  our  latest 
vulnerability  management 
roundup,  it  is  best  to  have  a 
few  different  technologies 
looking  for  vulnerabilities  on 
systems.* 


Agents  wii  the  battle 

In  the  early  days,  the  big  debate  focused  on 
agent  vs.  agent-free  products.  Most  of  this 
discussion  has  died  down  as  the  benefits  of 
agent-based  products  in  Our  laptop-driven 
world  became  apparent  How  can  you  effec¬ 
tively  push  patches  to  systems  when  you 
never  know  when  they  will  be  online?  Even 
the  strongest  advocates  of  agent-free  patch 
management  have  developed  agent-based1 
alternatives. 
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Free  patch  update  server  and  vulnerability  assessment 
scanner  slated  to  ship  this  year. 


Microsoft  plays  its  wild 


BY  JOHN  FONTANA 


This  could  be  the  year  Microsoft  finally  solves  its  patch  management  prob¬ 
lems.  In  October  2003,  CEO  Steve  Balmer  said  the  vendor  was  seven  months 
away  from  delivering  a  new  corporate  patch  server,  tools  to  streamline  patch 
installation  and  one  patch  download  site  for  all  its  software. 


This  set  of  free  tools  would  replace  an  oft-criticized, 
mismatched,  grab  bag  of  patching  software  that  more 
often  than  not  deliver  conflicting  data  that  left  adminis¬ 
trators  unsure  if  they  were  patched  or  not. 

Microsoft’s  ultimate  goal  is  to  have  these  tools  form 
the  foundation  of  one  patch  infrastructure  that  includes 
free  tools  for  smaller  companies  and  fee-based  soft¬ 
ware,  Systems  Management  Server  (SMS)  and  Microsoft 
Operations  Manager  (MOM),  for  larger  companies. 

Ballmer’s  seven-month  ship  date  came  and  went  in 
early  2004,  and  today  Microsoft  has  still  not  shipped 
those  upgrades  to  its  free  products. 

“Microsoft  must  get  the  patch  situation  under  control,” 
says  Ron  Sellers,  an  independent  consultant.“Microsoft 
produces  some  very  good,  easy-to-use  software  with 
excellent  system  integration  for  a  very  reasonable 
price.  Unfortunately,  the  cost  of  patch  management  may 
be  enough  to  negate  all  of  the  other  positives  when  1 
have  to  examine  the  bottom  line.” 

Microsoft  has  heard  the  complaints,  but  the  solution 
that  it’s  proposing  has  limitations.  The  free  tools  will 
only  work  with  newer  versions  of  the  Windows  operat¬ 
ing  system  and  only  with  Microsoft  applications. 

Experts  say  the  free 
tools  will  be  great  for 


es  would  be.  Microsoft  also  reduced  reboots  for  patch 
installation  by  10%,  reduced  patch  sizes  by  up  to  75%  and 
offered  Webcasts  guidance  whitepapers  on  patching. 

But  in  the  first  half  of  this  year,  Microsoft’s  patching 
past  is  slated  to  meet  the  future  Ballmer  laid  out  more 
than  a  year  ago. 

First  up  is  Windows  Update  Services,  a  free  server  that 
corporations  deploy  internally  to  download  patches 
from  Microsoft  and  push  them  out  to  desktops  and 
servers  via  the  WUS  client. 

The  first  WUS  beta,  released  in  November,  features  a 
reporting  engine,  restart  controls  and  bandwidth  throttling 
that  was  missing  in  the  software’s  predecessor,  System 
Update  Services.  But  the  keys  are  a  client-side  scanning 


engine  that  details  what  patches  are  installed  and  catalog 
technology  that  lists  available  patches  and  updates. 

The  other  side  of  WUS  is  Microsoft  Update,  a  public 
Microsoft  Web-based  patch  download  site  and  the 
replacement  for  the  current  Windows  Update.  Microsoft 
Update  will  provide  patches  for  a  range  of  Microsoft 
software,  not  just  Windows. 

Both  WUS  and  Microsoft  Update  are  expected  in  the 
first  half  of  2005. 

Microsoft  also  will  reduce  the  number  of  patch 
installers  it  develops  from  eight  to  two,  MSI  3.0  for 
installing  patches  on  any  Microsoft  software  except 
Windows  and  Update.exe  for  the  Windows  operating 
system. 

But  the -real  milestones  start  with  WUS  and  Microsoft 
Update,  which  will  eventually  align  with  licensed  tools 
such  as  SMS  and  MOM.  Both  will  incorporate  the  WUS 
scanning  and  cataloging  technology. 

“WUS  and  Microsoft  Update  create  an  infrastructure  for 
the  rest  of  our  patch  and  vulnerability  assessment  tools,” 


Free  software  lacks  features  but  could 
do  the  trick  for  cost-conscious  companies. 


Microsoft’s  WUS  delivers 


smaller  users  with  mostly 
Microsoft  software,  and 
less  appealing  to  larger 
companies  that  still  will 
need  something  like  SMS, 
which  adds  features  such 
as  inventory  and  ad¬ 
ministrative  controls  the 
free  tools  won’t  have.  Or 
users  will  have  to  turn  to 
third-party  tools  that  han¬ 
dle  Microsoft  and  other 
platforms,  such  as  Linux, 
that  the  software  giant  ignores. 

“Third-party  tools  have  to  be  considered  because 
users  can’t  wait  for  Microsoft  to  deliver  the  free  tools,” 
says  Trent  Henry,  an  analyst  with  Burton  Group. “And  in 
many  cases,  customers  have  non-Microsoft  infrastruc¬ 
ture,  which  is  another  reason  the  third-party  tools  play 
effectively’ 

So  far,  Microsoft’s  progress  has  been  marked  in  small 
steps.  In  November  2003,  Microsoft  introduced  a  monthly 
release  cycle,  issuing  patches  on  the  second  Tuesday  of 
each  month.  The  move  let  users  schedule  their  patch 
efforts.  In  December  2004,  Microsoft  added  advance 
notice  on  how  many  and  how  critical  the  Tuesday  patch- 


BY  MANDY  ANDRESS,  NETWORK  WORLD  ALLIANCE 


We  tested  the  first  public  beta  of  Windows  Update  Services  and  found 
that  it’s  a  definite  improvement  over  Software  Update  Services,  the 
product  it  replaces.  And  it  presents  a  credible  alternative  to  existing 
patch  management  products  such  as  BigFix  and  PatchLink  for  cost-con¬ 
scious,  Windows-only  shops. 

The  software,  slated  to  ship  in  the  first  half  of  this  year,  includes  a  brand-new  reporting  module.  It  lets  administra¬ 
tors  configure  patch  profiles  based  on  groups  of  computers.  It  also  lets  administrators  patch  additional  Microsoft 
programs,  such  as  Office,  Exchange,  SQL  Server  and  Microsoft  Data  Engine,  running  on  Windows  machines. 

The  agent  software  required  for  WUS  to  function  properly  is  included  in  Windows  2000  (starting  in  SP3),XP  and 
2003.This  relieves  the  administrator  from  having  to  deploy  and  manage  a  separate  agent. 

However,  Microsoft  needs  to  push  patch  support  for  third-party  products  —  with  Adobe  Acrobat  and  RealPlayer 
being  prime  examples  —  and  custom  patch  deployments  into  WUS  to  compete  even  more  directly  with  other  patch¬ 
ing  products  on  the  market. 

One  of  the  most  common  complaints  about  SUS  was  that  it  didn’t  include  any  reporting  capabilities. WUS’s  report¬ 
ing  module  offers  basic  functionality, such  as  the  ability  to  view  and  print  reports  on  update  status, synchronization 
results  and  configuration  settings.  Update  status  reports  list  information  by  patch  and  can  be  generated  based  on  the 


Patch  management 


Dissecting  WUS 


Microsoft’s  Windows  Update  Services  (WUS),  a  replacement  for 
the  current  System  Update  Services  1.0,  is  a  patch  server  and 
desktop  client  that  users  deploy  locally  to  get  updates  directly 
from  Microsoft  and  push  them  out  to  servers  and  desktops. 

Versions:  One  version  for  all  customers. Today,  nearly  115,000  users 
of  SUS  1.0. 

Server:  Runs  on  Windows  2000  Service  Pack  4  or  higher;  Windows 
Server  2003;  Internet  Information  Services  5.5  and  higher;  and  SQL 
Server  2000  SP  3  and  higher,  SQL  Server  2003  or  SQL  Server 
Desktop  Engine  2000. 

Client:  Runs  on  Win  2000  Server  and  Professional  SP4  and  higher, 
Win  2003  and  Windows  XP. 


Operating  system  patches  supported:  Win  2000  Server  and 
Professional  SP  3  or  later,  Win  2003  and  XP. 


Application  patches  supported:  Initially  Office  2003,  Office  XP, 


says  Bill  Anderson, 
group  product  man¬ 
ager  in  the  Windows 
and  enterprise  man¬ 
agement  division  at 
Microsoft. 

Shortly  after  those  two  ship,  Microsoft  will  release  a 
new  version  of  Microsoft  Baseline  Security  Analyzer 
(MBSA),a  free  vulnerability  assessment  tool.MBSA  2.0 
also  will  incorporate  WUS  scanning  technology  in 
favor  of  its  current  HFNetChk  scanning  engine.  SMS 
users  will  be  provided  with  software  to  add  MBSA,  the 
scanning  engine  and  the  catalog  technology.  SMS  will 
collect  vulnerability  and  configuration  data  using  out¬ 
put  from  MBSA.  Today  SMS  only  consumes  MBSAs 
patch  data. 

“Users  will  be  able  to  do  enterprise-wide  vulnerabil¬ 
ity  reporting  and  use  SMS  or  group  policy  technology 
to  close  those  vulnerabilities,”  Anderson  says.  “In  the 
next  two  years,  we  will  have  one  infrastructure  for  get¬ 
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Exchange  2003,  SQL  Server  TiWS 

2000,  and  MSDE  2000.  Support  for  older  versions  of  those  products  V 
will  be  added  over  time. 

■ 

Service  Pack  and  update  support;  Only  for  Microsoft  applica¬ 
tions  and  operating  systems. 

Migration;  Microsoft  will  provide  a  tool  to  move  from  SUS  1.0  to 
WUS. 

Reporting  engine:  Includes  the  ability  to  see  the  last-contact  date; 
operating  system  version;  BIOS  and  machine  details;  updates 
installed,  needed  or  failed  on  a  per-machine,  per-update  basis.  Other 
top  features  include  binary  data  compression,  full  catalog  of  all 
patches  and  automatic  update  roll  back. 

Other:  Can  automatically  approve  and  distribute  critical  updates 
without  manual  approval;  SUS  1.0  client  will  not  support  WUS  fea¬ 
tures;  initial  release  doesn’t  support  patch  distribution  to  custom 
applications. 


ting  content  from  Microsoft  and  delivering  that  across 
your  enterprise.” 

Microsoft  users  hopeful 

“It  would  be  nice  if  they  could  fix  the  scanning 
issues,  it  would  be  nice  to  have  consistency  to  know 
which  boxes  are  vulnerable  and  which  are  not,”  says 
Mike  Miller,  director  of  support  services  for  Media 
General  in  Richmond,  Va.,  which  publishes  the 
Richmond  Times-Dispatch  and  The  Tampa  Tribune, 
among  other  newspapers.  Miller  uses  SMS,  but  he  says 
free  tools  must  be  available  from  Microsoft. 

“Small  to  midsized  companies  that  cannot  afford 
enterprise  patch  software  still  need  to  patch  their  stuff. 


One  small  company  that  says  it  can’t  afford  to  patch  is 
a  big  potential  risk  for  everyone  else  hooked  up  to  the 
Internet,”  Miller  says. 

Microsoft  says  it  will  continue  to  offer  free  tools  as  part 
of  its  patch  wares,  but  SMS,  MOM  and  other  management 
tools  Microsoft  sells  will  offer  the  broadest  features. 

“The  main  reason  Microsoft  is  doing  WUS  is  that  they 
want  something  they  can  provide  for  free  to  make  sure 
that  no  organization  has  the  excuse  that  they  can’t  get 
the  funds  for  patch  tools,”  says  Peter  Pawlak.an  analyst 
with  independent  research  firm  Directions  on 
Microsoft.“SMS  is  a  fairly  substantial  project  to  take  on, 
but  WUS  can  be  brought  in  through  the  back  door  and 
you  just  do  it.”  ■ 


on  patch  promises 


Net  Results 


approved  action  for  a  patch  (install,  detect,  remove)  and 
by  computer  group. 

We  tested  how  well  WUS  could  report  on  the  status  of 
installed  updates  in  our  Infrastructure  Server  group  (see 
“How  we  did  it,”  www.nwfusion.com,  DocFinder:  5529), 
but  found  it  difficult  to  quickly  identify  which  patches 
were  deployed  to  each  computer.  We  would  like  to  see 
the  reporting  module  expanded  with  additional  options, 
such  as  the  ability  to  generate  reports  by  computer,  by 
updates  that  have  been  installed/removed  in  a  selected 
time  period  and  by  updates  that  have  been 
installed/removed  for  each  product  group. 

WUS  also  adds  grouping  functionality  Computers  now 
can  be  assigned  to  groups,  providing  the  ability  to  define 
different  patch  baseline  and  deployment  policies  for  dif¬ 
ferent  sets  of  computers.  For  example, you  now  can  have 
different  policies  for  your  servers  and  your  end-user 
workstations  all  administered  from  one  WUS  server.  In 
the  past,  you  needed  two  separate  SUS  servers. 


Computers  easily  can  be 
assigned  to  groups  manu¬ 
ally  through  the  WUS 
Administration  interface  or 
automatically  using  the 
“enable  client-side  target¬ 
ing”  group  policy  setting.  We 
used  the  automatic  assign¬ 
ment  functionality  in  our 
testing  and  didn’t  encounter  any  issues.  We  simply 
assigned  computers  to  a  group  defined  in  Active 
Directory  and  they  automatically  registered  with  the 
corresponding  group  in  WUS.  But  computers  only  can 
be  assigned  to  one  group,  and  we  would  like  to  have 
the  ability  to  assign  computers  to  multiple  groups. 

WUS  also  includes  a  number  of  smaller  feature 
improvements.  Patches  now  can  be  rolled  back,  or 
uninstalled,  in  the  event  a  deployment  causes  prob¬ 
lems  and  needs  to  be  taken  out  of  production. 


Microsoft  has  made  a  lot  of  minor 
changes  in  how  patch  informa¬ 
tion  is  displayed  for  the  better. 

For  example,  because  Microsoft 
releases  patches  that  supersede 
older  patches,  WUS  lets  you  look  at 
a  new  patch  and  see  what  old 
patches  it  supersedes.  You  also  can 
look  at  existing  patches  and  see  if 
new  patches  have  superseded  them. 

We  would  like  to  see  an  alert  module  added  to  WUS, 
notifying  administrators  when  new  updates  have  been 
downloaded  or  patch  deployments  to  computers  failed. 
Administrators  must  currently  log  on  to  the  WUS  server 
to  view  this  information. 

Andress  is  president  of  ArcSec  Technologies,  a  security 
company  focusing  on  product  reviews  and  analysis.  She 
can  be  reached  at  mandy@arcsec.com. 


Microsoft  Windows  Update 
Services  (public  beta) 


Company:  Microsoft,  www.microsoft.com 
Cost:  Free  Pros:  Agent  support  built-in 
to  current  Windows  operating  systems; 
Can’t  beat  the  cost.  Cons:  Limited 
reporting  functionality;  no  support  for 
third-party  products. 


Anti-spam  technology  failing?  Well... 


Meridius  Security  Gateway 

99%  spam  detection  rate, 

0%  false  positives, 

100%  virus  blockingt 


Call  1.866.895.6931  and  get  a  $5000*  trade-in  credit 


*  Contact  a  BlueCat  Networks  representative  for  promotion  details.  Limited  time  offer.  Promotion  code:  BCN-M105 
t  “Scanning  for  Spam”,  Network  Computing  Magazine  Oct.  28,  2004 
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CAREER  DEVELOPMENT 
PROJECT  MANAGEMENT 
BUSINESS  JUSTIFICATION 


Be  careful  of  counteroffers 


A  company's  gambit  to  get  you  to  stay  might  sound  like  a  bountiful  blessing,  but  a  recruiter 
explains  why  you  should  think  twice  before  taking  the  deal. 


BY  STEVE  HALL  self  because  of  guilt  from  stirring  up  muddy  waters.Your 


“Should  I  accept  it?” 

The  young  IT  executive  posing  the  question  had  been  recruited  aggressively  by  one  of 
his  company’s  archrivals.  He’d  quietly  gone  on  a  first  interview,  then  a  second,  then  a 


every  misstep  will  be  scrutinized,  and  every  minor  error 
in  judgment  will  be  magnified.  In  other  words,  you’ll 
earn  every  penny  of  that  increased  salary  and  every 
minute  of  that  family  leave  time  with  your  blood,  sweat 
and  tears. 


third.  In  due  time  he’d  received  (and  accepted)  an  extremely  attractive  job  offer.  So  he 
cheerily  returned  to  his  current  employer  to  hand  in  a  cordial  letter  of  resignation. 


But  to  his  surprise,  his  boss  read  it,  then  grew  flustered 
and  begged  him  to  postpone  his  final  decision  for  a  day 
or  two.  Within  mere  hours  the  executive  was  presented 
with  an  even  more  attractive  counteroffer.  “We  simply 
can’t  afford  to  lose  you,”  his  boss  explained,  patting  his 
shoulder. 

Who  knew?  And  more  importantly  —  what  to  do  now? 

Before  1  answer  the  question  (and  before  anyone  starts 
wishing  you  had  such  “problems”),  let  me  mention  that 
because  of  marketplace  demands,  highly  qualified  IT 
managers  and  executives  are  more  likely  to  face  this  par¬ 
ticular  rose  garden. 

But  therein  lie  several  thorns.  Granted,  there  are  many 
good  and  legitimate  reasons  to  leave  a  position  for 
greener  pastures.  Perhaps  someone  has  just  finished  im¬ 
plementing  a  major  ERP  system  and  is  now  in  mainte¬ 
nance  mode,  with  no  fresh  challenges  on  the  horizon.  Or 
perhaps  a  training  budget  has  been  slashed  to  bits  —  a 
kiss  of  death  to  any  IT  worker  intent  on  upgrading  his  or 
her  skills.  Or  perhaps  a  newly  hired  network  engineer  just 
learned  the  $15,000  bonus  on  which  he  was  counting 
isn’t  likely  to  materialize.  Bummer. 

So  he  starts  shopping  for  new  positions.  He  finds  what 
he  thinks  is  a  terrific  fit.  He  informs  his  boss, “Hey,  it’s  been 
fun,”  but  he’s  moving  on  —  and  then  he’s  stunned  to  hear, 
“Tell  me  what’s  wrong  here,  and  I’ll  fix  it.  But  you  have  to 
promise  to  stay  And  by  the  way,  here’s  more  money’ 

I’m  not  saying  the  executive  shouldn’t  accept  a  great 
counteroffer  —  but  that  won’t  rectify  all  problems. Think 
about  your  reasons  for  wanting  to  leave  in  the  first  place. 
Let’s  review  the  situation  and  consider  the  following 
worst-case  scenarios  that  might  play  out  if  you  decide  to 
stay  with  your  employer. 


Should  I  stay  or  should  I  goP 

Steve  Hall  of  Find  Great  People  International 
offers  these  variables  to  keep  in  mind  when 
considering  a  counteroffer: 


There’s  always  a  price. You’ll  be  expected  to  work 
both  harder  and  smarter.  Your  peers  might  become 
frosty,  and  your  dedication  will  be  continually 
questioned. 


There's  a  better  way  to  handle  dissatisfaction  — 
before  the  fact,  with  a  polite  confrontation  and  a 
request  for  a  change. 


Research  reveals  that  what  IT  workers  desire  most 
are  effective  training  and  mentoring,  a  higher 
earning  potential  and  a  positive  work  environment. 
Only  you  can  decide  if  your  current  company  will 
truly  provide  those  essential  ingredients. 


thing,  including  the  company’s  pecking  order,  is  now  dif¬ 
ferent.  Passive  aggression  and  veiled  hostility  might  arise 
later  from  some  unexpected  sources. 

If  co-workers  hear  of  your  new  title  and/or  perks,  a  new 
dynamic  will  develop. You  won’t  exactly  be  the  most  pop¬ 
ular  guy  or  gal  on  campus.  However  minor  your  perks, 
don’t  underestimate  how  little  it  takes  to  make  co¬ 
workers  angry;  inequality  within  the  ranks  is 


You  won't  be  trusted 

You’re  no  longer  a  team  player,  but  someone  who,  first 
and  foremost,  looks  out  for  No.  1. You’ve  already  stated  in 
effect, “I  don’t  really  want  to  be  here.”  Because  you’ve  bro¬ 
ken  the  loyalty  oath  and  held  your  employer  hostage, 
you’ll  be  henceforth  viewed  as  less  than  committed.Your 
allegiance  also  will  be  compromised  in  your  own  mind; 
something  about  the  job  just  won’t  feel  “right.” 

Perceived  lack  of  loyalty  in  addition  to  co-worker  re¬ 
sentment  and  an  employer’s  feelings  of  disempower- 
ment  could  lead  to  a  short-lived  position.  I’ve  wit¬ 
nessed  many  IT  workers  who’ve  happily  accepted 
counteroffers  in  winter  only  to  leave  by  the  next  sum¬ 
mer.  Unfortunately,  upon  leaving  this  upheaval,  the  em¬ 
ployee  no  longer  will  receive  a  good  solid  reference. 
He  more  than  likely  will  receive  a  two-word  negative 
response,  if  any. 

Accepting  a  counteroffer  isn’t  always  a  bad  decision, 
but  as  a  professional  recruiter,  I’d  be  remiss  if  I  didn’t 
urge  a  very  close  look  at  the  possible  pitfalls.  My  ulti¬ 
mate  goal  is  seeing  candidates  happy  and  successful  in 
permanent  placements,  whatever  and  wherever  those 
might  be.  So  I’d  also  encourage  a  talk  with  the  boss 
before  you  start  shopping  around,  rather  than  after. 
Address  your  misgivings  and  dissatisfactions  early;  give 
him  a  fair  chance  to  rectify  them.  It’s  quite  possible  that 
nothing  will  change  —  but  be  assured  that  you  haven’t 
wasted  your  time. 

You’ve  called  the  boss’  attention  to  the  situation  in  an 
honest,  straightforward  way  You’ve  acted  with  integrity 
while  gaining  the  assurance  of  knowing  how  much  you’re 
truly  valued  —  without  jeopardizing  your  career,  your 
economic  stability  or  your  positive  relationships 
with  peers.  And  without  pulling  out  the  verbal 


You'll  change  the  culture  of  your  company 

A  resignation  is  the  business  equivalent  of  holding  your 
boss  at  gunpoint:“Give  me  what  I  want, or  I’m  historyf’The 
counteroffer  is  the  equivalent  of  your  boss  handing  over 
cash, a  promotion,  less  travel  or  more  time  off,  and  putting 
your  gun  back  into  its  holster. 

But  the  incident  isn’t  over.  In  fact,  it  may  never  be.  You 
have  upset  an  apple  cart  and  provoked  a  panic-buy.Those 
apples  can  never  be  stacked  the  same  way,  and  every- 


lethal.  If  you  decide  to  stay  where  you  are  be¬ 
cause  it  is  familiar,  you  might  be  surprised.  By 
accepting  the  counteroffer’s  perks,  that  famil¬ 
iar  office  dynamic  will  become  foreign. 


You'll  raise  the  stakes 

Your  acceptance  of  a  counteroffer  will 
change  expectation  levels  —  both  for  your 
boss  and  for  yourself. 

After  bestowing  rewards,  it  is  human 
nature  for  your  boss  to  expect  more  from 
you. You’ll  be  held  to  a  higher  performance 
standard,  which  you  might  also  hold  your- 


equivalent  of  an  Uzi. 

What’s  more,  if  you  ultimately  decide  to 
leave  the  company  for  a  warmer  climate, 
your  boss  can  never  claim  he  didn’t  see  it 
coming. 


More  online! 


Learn  why  your  boss  is  the  main 
beneficiary  of  a  counteroffer. 

DocFinder:  5530 


Hall  is  director  of  professional  recruiting 
and  a  15-year  veteran  of  FGP  (Find  Great 
People)  international ,  a  Greenville ,  S.C., 
global  professional  search  firm  specializing 
in  IT,  apparel,  healthcare,  accounting  and 
finance.  He  can  be  reached  at  steve@ 
fgp.com. 
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OBSERVER 


How  much  can  your  network  analyzer  see? 


Observer  is  the  only  fully  distributed  network  analyzer  built  to 
monitor  the  entire  network  (LAN,  802.Ha/b/g,  Gigabit,  WAN). 
Download  your  free  Observer  10  evaluation  today  and  experience 
more  comprehensive  real-time  statistics,  more  expert  events, and 
more  in-depth  analysis  letting  you  dive  deeper  into  your  network 
than  ever  before.  Choose  Observer. 


-  BRflGER-  Guard  against  the  latest  network  threats  by  identifying 
and  isolating  infected  systems  automatically. 


-BRTR  Mini  nG-  Analyze  gigabit  traffic  and  massive  amounts 
of  data  with  Observer's  expanded  options  for  data  mining. 


-  JLinK  T RRF F  I C  -  Identify  broadcast  storms,  monitor  excessive 
traffic,  and  optimize  bandwidth  with  Observer's  many  utilization 
metrics  and  over  30  real-time  statistics. 


US  &  Canada  toll  free  800.526.5958 
fax  952.932.9545 


UK  &  Europe  +44(0)  1959569880 

www.nefworkinstruments.com/analyze 


A  KVM  switch  allows  single  or  multiple 
workstations  to  have  local  or  remote  access  to 
multiple  computers  located  in  server  rooms  or 
on  the  desktop  regardless  of  their  platforms 
and  operating  systems.  KVM  switches  have 
traditionally  provided  cost  savings  in  reducing 
energy  and  equipment  costs  while  freeing  up 
valuable  real  estate. 


SERVERS  WITHIN  YOUR  REACH 
FROM  ANYWHERE 


Recognized  as  the  pioneer  of  KVM  switch 
technology,  Rose  Electronics  offers  the 
industry's  most  comprehensive  range  of 
server  management  products  such  as  KVM 
switches,  extenders  and  remote  access 
solutions.  Rose  Electronics  products  are 
known  for  their  quality,  scalability,  ease  of  use 
and  innovative  technology. 


Rose  Electronics  is  privately  held  with  world- 
headquarters  in  Houston,  Texas  and  sells  its 
products  worldwide  through  a  large  network  of 
Resellers  and  Distributors.  Rose  has 
operations  in  the  United  Kingdom,  Spain, 
Germany,  Benelux,  Singapore  and  Australia. 
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I  SACK  DRAWER  WITH  KVM  SWITCH  OPTION 


i0?O£Stantliff  Road 
s  77099 


ROSE  US.  .  •  ,  +281  933  7673 

ROSE  EUROPE.  +44  (0)  1264  850574 

ROSE  ASIA:  +65  6324  2322 

ROSE?  AUSTRALIA  +617  3388  1540 


over  IP  or  locally 

High  quality  video  up  to  1280  x  1024 
Scaling,  scrolling,  and  auto-size  features 
Secure  encrypted  operation  with  login  and  computer 
access  control 

Advanced  visual  interface  (AVI) 

No  need  to  power  down  servers  to  install 
Free  lifetime  upgrade  of  firmware 
Available  in  several  models 
Easy  to  expand 


Models  for  4,  8,16  computers 
Advanced  visual  interface  (AVI) 

Compatible  with  Windows,  Linux,  Solaris,  and  other  O/S 

Connects  to  PS/2,  Sun,  USB,  or  serial  devices 

Converts  RS232  serial  to  VGA  and  PS/2  keyboard 

Free  lifetime  upgrade  of  firmware 

Security  features  prevent  unauthorized  access 

Full  emulation  of  keyboard  and  mouse  functions  for  automatic, 

simultaneous  booting 


Easy  to  expand 


800  333  9343 

WWW.ROSE.COM 
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KVM  over  !P 
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Cyclades  AlterPath™  KVM/net 
offers  a  unique  set  of  features: 

■  Server-based  authentication 

(NT  domain,  LDAP,  Secure  ID,  RADIUS,  TACACS+) 

■  16  and  32  port  models 

■  CAT5  cabling  up  to  500  feet 

■  User  access  logging 

■  System  event  syslog 

■  Integrated  power  management 

We've  worked  our  magic. 

Now  you  can  work  yours. 


Over  80%  of  Fortune  100 
choose  Cyclades. 

www.cyclades.com/nw 

1 .888.cyciades  •  sales@cyclades.com 


eye  lades 


©2004  Cydodes  Corporation.  All  rights  reserved.  AH  other  trademarks  and  product  images  are  property  of  their  respective  owners.  Product  imormottan  subject  to  dnnge  without  notice. 


Control  Power  on  Any  AC 
Powered  Device ... 

Via  We!)  Browser,  Telnet, 

Modem  or  Local  Terminal 

Servers,  routers,  and  other  electronic  equipment 
occasionally  “lock-up”,  often  requiring  a  service  call 
to  a  remote  site  just  to  flip  the  power  switch  to  perform 
a  simple  reboot.  With  WTI’s  Remote  Power  Switches, 
you  can  perform  reboot  and  On/Off  control  from 
anywhere! 
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Web  Browser  Access  for  Easy  Setup  and 
Operation 

Encrypted  Password  Security 

Dual  15  Amp  Power  Circuits 
Total  30  Amps  Maximum  Load 

115  VAC  and  230  VAC  Models 
Sixteen  (16)  Individual  Outlets 
RS232  Modem  /  Console  Port 
Network  Security  Features 
Power-Up  Sequencing 

Also  Available  in  4,  8  &  16  Plug  Models  and 
Horizontal  1U  and  2U  Models 


Want  an  On-Line  Demo? 

Just  call  or  email  and  you’ll  see  for  yourself  why  so  many 
network  professionals  choose  WTI. 


Yes,  We  are  Customer  Friendly! 

V  Two  Year  Warranty 

V  We  Stock  for  Same  Day  Shipment 
/  30  Day  No-Fee  Return  Policy 

y/  Start-up  Cables  and  Rack  Kits  Included 


Dual 

Power 

Inputs 
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www.v\rti.com 


western  telematic  incorporated 

5  Sterling  •  Irvine  •  California  •  92618-2517  •  (800)  854-7226 


How  Do  You 
Distribute 

20,000  Watts  in 

Your  Cabinet? 

Sentry  CDU  Cabinet  Power  Distribution 


High-density  Equipment  Cabient  Power  Distribution 

84-Outlet  Receptacles 

20,000  Watt  3-Phase  Power  Distribution  Model 

10,000  Watt  208  VAC  Power  Distribution  Model 

True  RMS  Power  Monitoring  per  Branch  Circuit 
Local:  Digitial  Displays,  Remote:  via  Interface 

Input  Power  Monitoring  Facilitates  Load  Balancing 

Web  Interface 

SNMP,  MIB  &  Traps 

Integrated  Temperature  &  Humidity  Probes 

Color-coded  Outlets  by  Branch  Circuit/Electrical 
Phase  for  Easy  Identification 

Center  Rail  '  Notch"  for  Simplifying  Cabinet  Installation 


©Server  Technology.  Inc.  Sentry  is  a  trademark  ol  Server  Technology.  Inc 
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Server 

Technology 

Soluti.ons  for  the  Data  Center  EquipmenbCabinet 

Power  demands  from 
today’s  new  servers  require 
greater  power  distribution 
in  the  equipment  cabinet. 
)e  Sentry  CDU  distributes 
power  for  up  to  42  dual- 
power  1 U  servers  in  one 
enclosure.  Single-phase  or 
3-phase  input  with  110  VAC, 
208  VAC  or  mixed  110/208 
VAC  single-phase  outlet 
receptacles. 


Server  Technology,  Inc. 

1040  Sandhill  Drive 
Reno,  NVS052HISA 

Kp<l  toll  free +1.800.835.1515 

kfisfiJ  tel  + 1  7?5 .234..200.0 
I  1  fax  + 1 . 77;,  ?84  2060 

www.servert6oh.cQnj 
sales@servertech.com 


renewed 
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Tel:  41  8.727.1122 
Fax:  408.727.8002 

3  43  1  Dt.  LA  CRUZ  HI.  VO. 
WWW.  R  EC  URRENT.COM 


EOeCIERR^t 

t  Ov  1  n  i  <>  l  <  >  ,u:i  c-  s. .  i  n  v  . 
SANTA  CLARA.  C  A  '95054 
|  N  FD@  R  EG  UR  RENT.COM 


Save  up  to  90%  on 
JiPCUPS  nth 

V  -  Smart  UPS  •  Back  UP  l 
Brand  New  UPS  Replacement 
\\  Battery  Kits 


KEFURB  .com 
Call  Us  1-866-883-9200 


Luggage,  Fine  Leather  Goods, 
Gifts,  and  more! 

Tumi,  Hartmann,  Andiamo, 
Samsonite,  Cross 
10%  discount  for  Network 
World  readers 
Enter  code  NWW  2005 


it  careers 


Advertising  Supplement 

IT  Careers:  Defense,  Security  Offer  Opportunities  Aplenty 


While  the  demand  for  information  technology 
professionals  continues  to  stabilize,  private 
contractors  and  the  government  are  pushing  to  fill  more 
than  6,000  scientific  and  technological  slots  -  including 
more  than  2,000  open  requisitions  for  software  engineers. 

These  open  jobs  were  identified  in  a  Quick-Look  Survey 
conducted  by  the  National  Defense  Industry  Association 
and  Aerospace  Industry  Association.  The  open  "reqs" 
include  positions  for  all  degree  levels,  from  associates 
through  doctoral.  By  far,  the  most  in-demand  talent 
is  for  software  engineers.  The  only  catch:  applicants  must 
have  no  "disqualifying  life  events"  that  would  prohibit 
them  from  gaining  a  security  clearance. 

The  findings  of  the  survey  were  the  topic  of  a  December 
meeting  that  brought  together  representatives  of  corporate 
America,  the  federal  government  and  its  research 
laboratories. 

"America  has  long  been  the  beacon  in  the  world  for  science 
and  technology.  I  believe  this  is  being  put  at  risk,"  says 
Michael  Wynne,  Acting  Under  Secretary  of  Defense 
(Acquisition,  Technology  &  Logistics),  in  pushing  for 
increased  attention  on  security  and  defense  jobs  available 
and  the  need  for  the  U.S.  to  maintain  its  technological  edge. 
"We  need  to  show  bright  and  talented  young  people  that 
working  for  the  government  can  change  the  world." 

In  addition  to  identifying  key  science,  math  and  engineering 
skill  needs,  Dr.  David  Chu,  Under  Secretary  of  Defense, 
Personnel  and  Readiness,  says  language  and  cultural 
literacy  are  also  important  in-demand  skills. 


According  to  Ann  Young-Ah  Lee,  operations  research 
analyst  for  the  Office  of  the  Secretary  of  Defense  Personnel 
and  Readiness  Directorate,  more  and  more  of  the  basic 
operational  IT  jobs  are  being  pushed  to  contract  suppliers 
such  as  giants  Lockheed  Martin  and  Northrop  Grumman. 
Smaller  companies  also  are  winning  increasing  loads  of 
business  for  the  government,  in  support  of  research 
laboratories,  agencies  and  military  branches.  These  range 
from  setting  up  systems  to  evaluating  medical  services 
to  logistics. 

As  with  the  commercial  sector,  the  government  is  retaining 
the  highest  level  of  design  and  management  of  contractors 
inside.  And  the  challenges  are  significant,  according  to  Lee. 
New  architectures  are  being  developed  to  handle  multi¬ 
agency  intelligence  and  work  flow  processes.  In  addition, 
there's  a  heavy  thread  of  design  and  implementation  work 
to  link  together  the  mass  of  security  and  defense  personnel 
in  the  field,  from  Iraq  to  the  local  airport.  Known  as 
network  centric  operations,  the  transformed  military  and 
security  capability  relies  heavily  on  database  development 
and  mining.  Just  as  central  to  this  operation  is  the  ability  to 
share  some  information  with  coalition  members, 
demanding  the  creation  of  high  level  security  protocols 
and  systems. 

Once  designed,  the  systems  are  contracted  in  large  degree 
-  meaning  that  people  working  in  the  defense  and  security 
realm  must  have  a  combination  of  technical,  procurement 
and  project  management  skills. 


Source:  NDIA/AIA  Quick-Look  Survey 

Among  the  benefits  of  working  for  the  government  is  a 
liberal  policy  concerning  scholarship.  Those  entering 
government  service  with  a  bachelor's  degree  are 
encouraged  to  receive  a  master's  and  there  are  doctoral 
programs  available  as  well.  The  DoD  also  is  expected  to 
push  for  a  new  National  Defense/Security  Education  Act 
that  will  provide  funds  for  education  in  return  for 
government  service. 


Source:  NDIA/AIA  Quick-Look  Survey 


For  more  information  about  IT  Careers  advertising, 
please  call:  800.762.2977 

Produced  by  Carole  R.  Hedden 
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Featured  Editorials 


IT  Careers  offers  you 
information  on  the  most  relevant 
career  management  topics 
relative  to  IT  recruitment. 

Here’s  what’s  coming  up  next: 

February  14: 

IT  Careers  in  Healthcare 

February  28: 

IT  Careers  in  Diversity 
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Be  sure  to  take  advantage  of 
this  great  opportunity  to  brand 
your  company  or  display 
your  recruitment  message  in 
IT  Careers  amid  these 
specialized  editorials 


Contact  us: 

800-762-2977 


www.itcareers.com 

Powered  By: 
Caner^ondcm 
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SYSTEMS  ANALYST  -  Analyzes 
user  requirements,  procedures 
and  problems  to  automate  pro¬ 
cessing  or  to  improve  existing 
computer  systems.  BS  in  CS  or 
Engg  or  math-related  and  2  yrs. 
exp.  in  job  offered.  Must  be  able 
to  travel,  incl.  in  the  2  yrs.,  must 
have  2  yrs.  exp.  with  various 
computer  skill  sets  such  as:  Dot 
Net  Framework,  Framework 
Class  Library  (FCL),  C#, 
VB.NET,  ASP.NET,  ADO.NET,  C, 
C++,  Visual  Basic  6.0,  AD02.6, 
Oracle  8/7.X,  SQL  Server  7/ 
2000,  DB2,  ASP  3.0,  JAVA,  JSP, 
Java  Script,  VB  Script,  HTML, 
Windows  9X/NT/2000/XP,  Visual 
Interdev,  IIS  5.0.40  Hrs./wk.  9  to 
5,  Mon-Fri;  No  overtime. 
$57,450/yr.  Apply  resume  to  Attn 
HR,  Capricorn  Systems,  Inc. 
3569  Habersham-at-Northlake, 
Building  K,  Tucker,  GA  30084. 


TTE  Technology,  Inc.  is  seeking 
a  Member  Technical  Staff/Lead 
Test  Engineer  responsible  for 
thorough  analysis  of  product 
requirements  and  generating 
system  level  test  plan  and  pro¬ 
cedures;  creating  project  test 
schedules  and  requirements/ 
specification  analysis  leading  to 
the  creation  of  test  matrix;  and 
configuration  and  management 
of  qualified  headends  and  gen¬ 
eration  of  test  streams.  Must 
have  a  Master's  degree  in  Com¬ 
puter  Engineering  or  a  similar 
field  and  3  years  of  experience 
as  a  Test  Engineer.  Salary  com¬ 
mensurate  with  experience. 
Send  cover  letter  and  resume  to 
Chad  Secrist,  Director,  Human 
Resources,  TTE  Technology, 
Inc.,  101  W.  103rd  Street, 
Indianapolis  IN  46290. 


Mphasis  Corporation  has  mul¬ 
tiple  openings  for  the  following 
positions  at  its  offices  in  New 
York,  NY,  Memphis,  TN, 
Houston,  TX,  San  Mateo,  CA 
and  unanticipated  client  sites 
throughout  the  U.S.:  System 
Analyst,  Software  Engineer, 
Project  Manager,  Manage¬ 
ment  Analyst,  Sales  Engineer, 
Business  Development  Mana¬ 
ger,  Finance  Manager.  Please 
send  resume,  salary  history 
and  position  applied  for  to  460 
Park  Avenue  South,  Suite 
#1101,  New  York,  NY  10016, 
Attn:  H.R.  Manager. 


Seeking  qualified  applicants  for 
the  following  positions  in  Mem¬ 
phis/Collierville,  TN:  Senior  Pro¬ 
grammer  Analyst.  Formulate/ 
define  functional  requirements 
and  documentation  based  on 
accepted  user  criteria.  Require¬ 
ments:  Bachelor’s  degree*  or 
equivalent  in  computer  science. 
MIS.  engineering  or  related  field 
plus  5  years  of  experience  in 
systems/applications  develop¬ 
ment.  Experience  with  COBOL, 
IMS  and  DB2  also  required. 
'Master's  degree  in  appropriate 
field  will  offset  2  years  of  gener¬ 
al  experience.  Submit  resumes 
to  Jay  Boane,  FedEx  Corporate 
Services,  40  FedEx  Parkway, 
2nd  Floor  Horizontal,  Collierville, 
TN  38017.  EOE  M/F/D/V. 


Programmer/Analyst 
w/BS  degree  &  2  yrs. 
exp.  wanted  in  Sal¬ 
em,  Oregon.  Send  re¬ 
sume  to:  HR  Dept., 
Scicom  Americas, 
Inc.,  1500  S.  Dairy 
Ashford,  #241,  Hous¬ 
ton,  TX  77077. 


Seeking  qualified  applicants  for 
the  following  positions  in  Collier¬ 
ville,  TN:  Senior  Programmer 
Analyst.  Formulate/define  func¬ 


tional  requirements  and  docu¬ 
mentation  based  on  accepted 
user  criteria.  Requirements:  Ba¬ 
chelor's  degree  or  equivalent*  in 
computer  science,  MIS,  engi¬ 
neering  or  related  field  plus  5 
years  of  experience  in  sys¬ 
tems/applications  development. 
Experience  with  designing/cod¬ 
ing  GIS  applications  using  Map- 
Quest  Geolocate  and/or  ESRI 
server  GIS  products  also  re¬ 
quired.  'Master's  degree  in  ap¬ 
propriate  field  will  offset  2  years 
of  general  experience.  Submit 
resumes  to  Tim  Ames,  FedEx 
Corporate  Services,  80  FedEx 
Parkway,  2nd  Floor  Horizontal 
Collierville,  TN  38017.  EOE 
M/F/D/V. 


Programmer/Analyst  needed  for 
Software  Development,  Servic¬ 
es  &  BPO  firm  located  in 
Burlington,  VT.  Job  duties 
include:  Analyze,  design,  devel¬ 
op,  and  implement  J2EE  com¬ 
puter  applications  for  various 
clients  located  throughout  the 
U.S.  Use  J2EE  tools  including 
struts  framework  and  top  link. 
Also  use  WebLogic,  EJB,  UML, 
and  HTML  to  accomplish  tasks. 
Applicant  must  have  B.S. 
degree  in  Computer  Science, 
Business,  Math  or  Engineering. 
Applicant  must  also  have  2  yrs. 
exp.  in  the  job  duties  described 
above  or  in  any  computer  relat¬ 
ed  occupation  which  must 
include  the  skills  listed  above. 
40hrs/wk,  8am-5pm,  M-F, 
$65,000/yr.  Send  resumes  to: 
Job  No.  30293,  PO.  Box  488, 
Montpelier,  VT  05601-0488. 


Consulting 

EMC  Corporation  (Documentum 
Division)  has  an  opening  for 
Consultant.  Responsibilities 
include  engaging  independently 
with  clients  regarding  require¬ 
ment  definition,  solution  feature 
mapping,  solution  design,  infra¬ 
structure  analysis,  and  accep¬ 
tance  testing;  and  leading  code 
design,  development,  unit  test¬ 
ing,  deployment  exercises, 
deliverable  development,  and 
administrative  training.  Home 
office  with  extensive  travel 
throughout  US.  Please  e-mail 
resume  to:  Kristy  Zimmerman 
(kristy.zimmerman@documen- 
tum.com).  Please  reference: 
RO/SQ 


Software  Engg.  needed. 
Pathfire,  Inc.,  a  Roswell,  GA 
based  co.  seeking  qual.  can¬ 
didates  possessing  MS/BS 
or  equiv.  and/or  rel.  work 
exp.  Part  of  the  req.  rel.  exp. 
must  include  2  yrs.  designing 
&  developing  Multicast  Tran¬ 
smission  Engines.  Duties 
include:  Design,  code,  test, 
and  debug  software.  Inte¬ 
grate,  design,  &  dev.  Multi¬ 
cast  Transmission  Engines. 
Work  closely  w /  project  lead¬ 
ers.  Fwd.  res.  &  ref.  to 
hr@pathfire.com. 


Intrado,  Inc.  seeks  applicants  for 
the  positon  of  GIS  Developer/ 
Analyst  in  Longmont,  CO  to  en¬ 
hance,  design  and  develop  web 
enabled  computer  mapping  ap¬ 
plications  that  utilize  spatial  data 
contained  in  an  Oracle  data¬ 
base.  This  postition  requires  a 
bachelor's  degree  in  Geographic 
Information  Systems  (GIS)  or 
closely  related  field,  including 
geography  with  a  GIS  major  and 
2  yrs  exp  in  analysis,  manage¬ 
ment,  enhancement  and  utiliza¬ 
tion  of  spatial  data  in  an  Oracle 
database  utilizing  ESRI  Soft¬ 
ware/Tools  -  Arclnfo,  ArcEdit, 
ArcMap,  ArcView,  ArcCatalog 
and  ArcSDE.  Respond  by 
resume  to  Tina  Gibbons,  3030 
Warrenville  Rd.,  Lisle,  IL  60532. 


Finding  the  right  combination  of 
IT  professi  nals  is  like  puttir  g 
together  puz;  e. 


We  can  help  you 
fill  in  the 
missing  pieces 


IT  Careers  audience 
consists  of  the 
most  qualified 
IT  professionals 
with  the  in-demand 
skills  you  need. 
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Search  Resumes 
Post  Jobs 
GET  RESULTS! 
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ATTENTION: 

Law  Firms, 

IT  Consultants: 
Staffing  Agencies 


Place  your 
Labor  Certification 
ads  here! 

Are  you  frequently  placing 
legal/ immigration  advertisements? 
Let  us  help  you  put  together  a 
cost  effective  program  that  will 
make  this  time-consuming 
task  a  little  easier. 

Contact:  Danielle  Tetreault  at: 
800-762-  2977 

iTlcareers 


Computer  Support  Special¬ 
ist  wanted  by  Stellar  Ser¬ 
vices  in  NY,  NY.  Requires 
MS  in  Telecommunications 
or  related  field  w/'min  2  yrs 
exp.  Job  duties:  trouble¬ 
shoot  &  support  data  net¬ 
work  system  in  Cisco/NT 
PC/LAN/WAN/Voice  Over 
IP  environment.  Exp  w / 
routers  &  PC  security 
req'd.  Fax  resume  to  212- 
432-2846. 


Top  10  reasons  why  you 
should  advertise  your 
recruitment  message 
with  IT  Careers. 


IT  Careers  Audience  Skill 
Survey  2003/2004 


• 

IIS/MIS/IT 

84% 

• 

Windows  2000 

83% 

• 

TCP/IP 

83% 

• 

Windows  95/98 

82% 

• 

PC/s 

80% 

• 

Unix  NET/Linux 

75% 

• 

Networking/Telecom 

74% 

• 

Windows  NT 

73% 

• 

Windows  XP 

69% 

• 

Intemet/Web  Dev./E-Com. 

68% 

Your  direct  line 
of  communication 
to  qualified  IT 
Professionals 
with  the  most  in 
demand  IT  skills 


IT 


careers 


Contact  us:  800-762-2977 


SYSTEMS  ANALYST  -  Analyzes 
user  requirements,  procedures 
and  problems  to  automate  pro¬ 
cessing  or  to  improve  existing 
computer  systems.  BS  in  CS  or 
Engg  or  math-related  and  2  yrs. 
exp.  in  job  offered  or  Master's  in 
CS  or  math-related  required. 
Must  be  able  to  travel.  Incl.  in 
the  2  yrs.,  must  have  2  yrs.  exp. 
with  various  computer  skill  sets 
such  as  ASP.NET,  C#,  BizTalk, 
SharePoint,  XML,  Web  Servic¬ 
es,  Windows  Forms,  Microsoft 
Exchange  Server  2003,  Web 
Forms,  Perl,  C++,  Network 
Programming,  Experience  with 
Macintosh  systems,  ASP,  Java¬ 
script,  Java,  SQL  Server  2000- 
.40  Hrs./wk.  9  to  5,  Mon-Fri;  No 
overtime.  Apply  resume  to  Attn 
Nagesh,  HR,  Capricorn  Syst¬ 
ems,  Inc.  3569  Habersham-at- 
Northlake.  Building  K,  Tucker, 
GA  30084. 


Programmer/Analyst  (multiple 
positions)  needed  for  Software 
Development,  Services  &  BPO 
firm  located  in  Burlington,  VT. 
Job  duties  include:  Analyze, 
design,  and  develop  computer 
applications  for  clients  located 
throughout  the  U.S.  Develop 
voice  enabled  applications  and 
speech  recognition  and  interac¬ 
tive  voice  systems.  Use  TTS/ 
Text  2  Speech.  Use  Visual 
Basic,  Visual  C++,  and  Sybase 
on  Windows  NT  and  Unix 
Platforms  to  develop  various 
applications.  Applicant  must 
have  B.S.  degree  in  Computer 
Science,  Business,  Math  or 
Engineering.  Applicant  must 
also  have  2  yrs.  exp.  in  the  job 
duties  described  above  or  in  any 
computer  related  occupation 
which  must  include  the  skills  list¬ 
ed  above.  40hrs/wk,  8am-5pm, 
M-F,  $57,008/yr.  Send  resumes 
to:  Job  No.  30380,  P.O.  Box  488, 
Montpelier,  VT  05601-0488. 


SOFTWARE  ENG  2  - 
Design,  develop  and  test 
complex  operating  soft¬ 
ware  applications.  B.S. 
Comp  Science/  Engin  or 
equiv  &  2  years  exp, 
must  be  proficient  in 
UNIX,  relational  databas¬ 
es,  LoadRunner,  Siebel 
&  Mercury’s  Test  Director 
Tool.  Apply  to:  Harland 
Co.,  Attn:  Michael  Hoeh, 
2939  Miller  Road  Atlanta, 
Ga  30035. 


Health  Systems  Analyst  Progra¬ 
mmer  to  analyze  operational 
processes  and  information  gen¬ 
eration  or  utilization.  Duties  in¬ 
clude  developing,  testing,  imple¬ 
menting  and  supporting  comput¬ 
er-based  information  systems; 
also  assisting  lower-level  ana¬ 
lyst  programmers  with  technical 
problems.  Requirements:  Bach¬ 
elors  degree  in  Computer  Sci¬ 
ence  or  related  field  and  a  mini¬ 
mum  of  24  months  experience. 
C#.NET  development,  Java  de¬ 
velopment,  VisualStudio.NET, 
strong  background  in  Oracle 
database  and  SQL  are  required. 
Please  send  resumes  to  Chris¬ 
topher  Jircitano,  Vanderbilt  Univ¬ 
ersity,  Informatics  Center,  B-706 
TVC,  Nashville,  TN  37232-5655. 


COMPUTER  PROGRAMMER 

Develop/implement  inventory 
program  throughout  restaurant 
chain.  Evaluate  requests  for  new 
/modified  programs;  determine 
feasibility,  cost,  compatibility. 
Develop/implement  payroll  pro¬ 
gram;  interface  all  systems.  In¬ 
stall  interface  system  to  forward 
orders  from  cashier  to  kitchen. 
Manage  receipts/expenditures; 
payroll  tax  deposits/reconcilia¬ 
tion;  profit/loss  reporting.  Imple¬ 
ment  point-of-sale  system  to 
record  receipts  by  product;  mai¬ 
ntain  all  programs.  BS  Computer 
Engineering/related  field;  prof,  in 
Visual  Basic.  8:00am-5:00pm  M- 
F.  Resumes  to:  AMB,  Inc.,  ATTN: 
Mostafa  Amlashi,  2002  Augusta 
Street.  Greenville,  SC  29605. 


INTERNET  SOLUTIONS 
ENGNR 

Install  &  maintain  HP-UX  soft¬ 
ware.  Specific  duties  inch  (i)  set¬ 
ting  up  scripts  &  configs;  (ii)  act 
as  primary  operations  contact 
for  UNIX  &  EMC  related  issues; 
(iii)  provide  basic  training  to 
other  on-site  staff;  (iv)  coordi¬ 
nate  backups  &  failovers;  (v) 
assist  in  disaster  recovery  plan¬ 
ning;  (vi)  assist  DBAs  in  hard¬ 
ware  capacity  planning;  &  (vii) 
producing  storage  reports. 
Bach,  degree  in  Comp.  Sci., 
Math,  Engnrg  or  Bus.  +  2  yrs 
exp.  in  position  offered  or  as  a 
Sys.  or  Applns  Engnr/Program- 
mer  or  Software  Engnr  reqd. 
Exp.  must  inch  HP-UX/Solaris 
Admin.,  HP-Omniback  &  MC 
Service  Guard.  High  mobility 
preferred.  40  hrs/wk,  OT  as 
reqd,  8am  -  5pm,  $66,730/yr. 
Submit  resume  to:  Mon  Valley 
Regional  CareerLink,  Donora 
Industrial  Park,  570  Galiffa 
Drive,  Donora,  PA  15033-1385. 
Refer  to  Job  Order  No.  WEB 
484986. 


InfoPro  Solutions,  Inc.,  is  cur¬ 
rently  seeking  Project  Managers 
possessing  MS/BS  or  equiva¬ 
lent  and/or  relevant  work  experi¬ 
ence.  Duties  include:  Work 
closely  with  client  project  man¬ 
ager  and  team  to  develop  and 
execute  software  implementa¬ 
tion  plan;  act  as  liaison  between 
client  and  company;  Coordinate 
InfoPro's  training,  business  and 
technical  analyst  resources 
activities  for  the  implementation 
project;  Ensure  delivery  dates 
and  commitments  are  met; 
Assist  client  in  identification  and 
management  of  business  pro¬ 
cess  transition  area;  Manage 
the  transition  of  the  project  from 
implementation  into  post-pro¬ 
duction  support  phase.  Back¬ 
ground  in  Supply  Chain,  MRP 
and/or  Inventory  control  Sys¬ 
tems  and  exp.  in  the  Pharma¬ 
ceutical  Industry  is  desires.  Mail 
resume,  references  and  salary 
requirements  to:  InfoPro  Solu¬ 
tions,  Inc.,  238  Littleton  Road, 
#207,  Westford,  MA  01886. 


Health  Database  System  Ana¬ 
lyst  to  conduct  biological  soft¬ 
ware  engineer  and  biological  da¬ 
ta  analysis  for  Vanderbilt  Ingram 
Cancer  Center  biostatistics  divi¬ 
sion.  Core-Duties  include  desig¬ 
ning  and  developing  web-based 
biostatistics  system  for  medical 
(clinical)  data  and  biological  data 
such  as  microarray  and  pro- 
teomics;  creating  and  imple¬ 
menting  various  data  analysis 
methods  using  Perl  and  C#. 
Requirements:  Master's  degree 
in  Computer  science  or  related 
field  or  Bachelor's  Degree  and  3 
years  of  experience.  Strong 
background  in  Biological  or 
Chemical  science  required  in 
order  to  analyze  the  microarray 
data  or  proteomics  data.  Must 
know  object-oriented  program¬ 
ming,  designing  and  developing 
web-based  biostatistics  system 
on  Linux,  Apache  and  MySQL  or 
Oracle  Database;  Familiar  with 
Microsoft  Visual  Studio,  Dream¬ 
weaver  MX,  Photoshop  and 
PowerBuilder;  Experience  in 
analysis  is  preferred.  Please 
send  resumes  to  Yu  Shyr,  571 
Preston  Bldg,  Vanderbilt  Univer¬ 
sity,  Nashville,  TN,  37232-6848. 


Network  Administrator:  In¬ 
stall,  configure  and  secure 
wired  &  wireless  networks; 
spyware/virus  removal; 
data  recovery.  Reqs  know¬ 
ledge  &  application  of 
TCP/IP/Network  Topology 
and  VPN  Remote  access; 
Network  service  and  pro¬ 
tocols  (DNS,  DHCP),  Sur¬ 
veillance  System  &  Re¬ 
mote  Access  setup.  Reqs 
travel.  Bachelors  +  exp. 
Fax  resume  to  Valji  @ 
(954)  973-3775. 


Software  Engineer  (Atlanta, 

GA)  -  Responsible  for  Java 
based  design,  development  and 
maintenance  of  rule-based  front 
and  back-end  enterprise  JSP 
and  EJB  web  application  com¬ 
ponents  on  J2EE  server.  Will  ut¬ 
ilize  SQL,  JDBC,  relational  data¬ 
bases  to  develop  and  maintain 
mission  critical  java  based  web 
applications.  Prepare  “use  case" 
documents,  business  require¬ 
ments  and  flowcharts.  Must 
have  a  Bachelors  degree  or 
equivalent  in  Computer  Science. 
Engineering,  or  related  field  and 
4  years  of  experience  in  the  job 
offered  or  4  years  experience  in 
a  java  development  position. 
Experience  mentioned  may 
have  been  obtained  concurrent¬ 
ly  and  must  include:  (i)  2  years 
experience  with  J2EE  web  appli¬ 
cation  server,  (ii)  2  years  of 
experience  each  with  SQL  and 
Oracle  MS  SQL  (iii)  2  years  of 
experience  developing  rule 
based  applications,  (iv)  1  year  of 
experience  each  with  JSP  and 
EJB,  (v)  2  years  object-oriented 
design;  and  (vi)  1  year  of  experi¬ 
ence  with  object-oriented  design 
patterns.  Must  have  legal  auth¬ 
ority  to  work  in  U.S.  Send  res¬ 
ume  to  A.  Reed,  Gate  Gourmet, 
Inc.,  The  Waterstone  Bldg.,  Ste. 
480,  4751  Best  Road,  Atlanta, 
GA  30337. 


Programmer-Analyst  needed 
for  Software  Development, 
Services  &  BPO  firm  located  in 
Burlington,  VT.  Job  duties 
include:  Analyze,  design,  devel¬ 
op,  test,  and  implement  web- 
based  applications  for  clients 
located  throughout  the  U.S.  Use 
ASP.NET,  C#,  .NET  Web  Ser¬ 
vices,  WMI,  ASP,  and  BizTalk 
Server.  Applicant  must  have 
B.S.  degree  in  Computer  Sci¬ 
ence,  Business,  Math  or  Engin¬ 
eering.  Applicant  must  also 
have  2  yrs.  exp.  in  the  job  duties 
described  above  or  in  any  com¬ 
puter  related  occupation  which 
must  include  the  skills  listed 
above.  40hrs/wk,  8am-5pm,  M- 
F,  $60,000/yr.  Send  resumes  to: 
Job  No.  30302,  P.O.  Box  488, 
Montpelier,  VT  05601-0488. 


Project  Planning  (systems  ana¬ 
lyst)  needed  for  Software  De¬ 
velopment,  Services  &  BPO  firm 
located  in  Burlington,  VT.  Job 
duties  include:  Engage  in  project 
planning  for  computer  applica¬ 
tions  and  software  development 
projects  for  clients  located 
throughout  the  U.S.  Analyze 
projects  to  determine  appropri¬ 
ate  activities  to  insure  satisfacto¬ 
ry  completion.  Analyze  cost  and 
resource  data  and  coordinate 
both.  Establish  key  project  mile¬ 
stones  and  monitor  progress. 
Work  with  technical  project  man¬ 
agers.  Use  Primavera  Enter¬ 
prise  and  Report  Writer  to  ac¬ 
complish  tasks.  Applicant  must 
have  B.S.  degree  in  Computer 
Science,  Business,  Math  or  En¬ 
gineering.  Applicant  must  also 
have  2  yrs.  exp.  in  the  job  duties 
described  above  or  in  any  com¬ 
puter  related  occupation  which 
must  include  the  skills  listed 
above.  40hrs/wk,  8am-5pm,  M- 
F,  $64,000/yr.  Send  resumes  to: 
Job  No.  30295,  P.O.  Box  488, 
Montpelier,  VT  05601-0488. 


Systems  Analyst/ 
Programmer  want¬ 
ed  by  Fin.  services 
firm  in  Manhattan. 
Tu-Sa,  4pm-12am. 
Bachelor's  degree, 
comp,  skills.  Fax 
resume  to:  212- 
509-0394,  Attn: 
Mason. 


Senior  Network  Architecture 
Engineer  (Itasca.  IL):  Utilize 
skills  in  multi-protocol  and  multi¬ 
platform  networks  to  develop 
networking  strategies,  network 
design,  and  sound  network 
management  approaches.  Use 
structured  methodology  and 
engage  in  the  analysis,  design 
and  implementation  of  complex 
systems.  Participate  in  the 
development  of  requirements, 
project  management,  and  de¬ 
sign  and  implementation  of  com¬ 
plex  systems.  Must  have  a 
Bachelor's  Degree  or  equivalent 
in  Computer  Science,  CIS  or 
related  field  (Will  accept  three 
years  of  experience  in  lieu  of 
every  1  year  of  education.)  and 
must  have  5  years  experience  in 
the  job  offered  or  in  a  position 
implementing  infrastructure  sol¬ 
utions.  Experience  may  have 
been  obtained  concurrently  and 
must  include:  (i)  3  years  design 
in  architecture  of  Infrastructure, 
including  switches,  routers  and 
gateways,  LAN  and  WAN  using 
Cisco  equipment  and  services 
(ii)  3  years  each  in  design  with 
multi-protocol  data  communica¬ 
tion  suites  TCP/IP,  Novell  IPX 
and  OSI  protocol  stacks  (iii)  3 
years  design  and  implementa¬ 
tion  in  distance  vector  and  link 
state  routing  protocols  (iv)  3 
years  experience  in  drafting  of 
technology  documentation  (v)  1 
year  of  supervisory  experience 
(vi)  2  years  experience  in  prod¬ 
uct  management  and  project 
management  methodologies 
and  (vii)  Must  be  willing  to  travel 
nationwide  as  needed  on  a 
100%  basis.  Must  have  legal 
authority  to  work  in  U.S.  Resu¬ 
me  to  Anthony  Murphy  (SNAE), 
Spherion  Corporation,  One 
Pierce  Place,  Ste  550W,  Itasca, 
IL  60143. 


Senior  Quality  Assurance/Tester 
needed  in  Tampa,  FL;  40  hrs. 
per  wk.,  9  a.m.  -  6  p.m.;  $75,000 
per  yr.;  requires  Master  of 
Science  degree  in  Comp.  Sci., 
Math,  Eng'g.,  or  related  &  3 
years  exp.  in  job  offered  or  in 
Related  Occup./Systems  Ana¬ 
lyst;  Bachelor's  degree  in  the 
foregoing  &  5  yrs.  of  progressive 
exp.  will  substitute  for  Master's 
degree  &  3  yrs.  exp.  duties; 
apply  analytical  skills  &  knowl¬ 
edge  of  software  design  &  de¬ 
velopment  technologies,  includ¬ 
ing  Visual  Basic,  Oracle,  Java 
C/C++,  UNIX,  HTML,  JavaScript 
&  Structured  Query  Language  to 
test  computer  programs  &  sys¬ 
tems  for  desktop,  web-based  & 
client/server  applications  to  id¬ 
entify  errors  &  to  ensure  confor¬ 
mance  to  standards;  write  & 
revise  system  design  proce¬ 
dures,  test  procedures  &  quality 
standards,  as  needed;  diagnose 
system  problems;  recommend 
solutions  &  determine  whether 
program  requirements  have 
been  met.  Send  resume  to 
Workforce  Program  Support, 
P.O.  Box  10869,  Tallahassee,  FL 
32302-0869  JOB  ORDER  #FL- 
2594394. 


SOFTWARE  CONSULTANT 

Analyze  &  eval.  existing  or  pro¬ 
posed  software  sys.  Dvlps.  im¬ 
plements  &  improves  programs, 
sys.  &  related  procedures  to  pro¬ 
cess  data  using  in-depth  knowl¬ 
edge  of  software  dvlpmnt  life 
cycle.  Enclodes,  tests,  debugs  & 
installs  operating  progs.  &  other 
sys.  software  utilizing  knowl¬ 
edge  of  RDMBS  environments  & 
prog,  languages.  Bach,  degree 
in  Comp.  Sci.,  Math,  Engnrg  or 
Bus.  +  2  yrs  exp.  in  position  of¬ 
fered  or  as  a  Software  Engnr, 
Prog.  Analyst,  Sys  Analyst  or 
Tech.  Consultant  reqd.  Exp. 
must  inch  (a)  JAVA.  XML  &  C++; 
(b)  Oracle  &  DB2;  &  (c)  MQ 
Series,  Websphere  Business  In¬ 
tegration  &  Tomcat.  High  mobili¬ 
ty  preferred.  40  hrs/wk,  OT  as 
reqd,  8am  -  5pm,  $66,730/yr. 
Submit  resume  to:  Mon  Valley 
Regional  CareerLink,  Donora 
Industrial  Park,  570  Galiffa 
Drive,  Donora,  PA  15033-1385. 
Refer  to  Job  Oraer  No.  WEB 
485293. 
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GA  add  ‘personality' 
to  PC  mgmt  suite 


Software  unmasks  those 
who  try  to  hide  identity 


■  BY  DENISE  DUBIE 

Computer  Associates  this  week 
is  set  to  debut  software  that  will 
help  customers  move  end-user- 
specific  data  from  one  desktop 
machine  to  another. 

Unicenter  Desktop  DNA  rl  1 
software  will  capture  the  “person¬ 
ality”  of  end-user  desktops  and 
mobile  devices  such  as  laptops  to 
help  IT  managers  rebuild  PCs 
more  quickly  when  migrating, 
upgrading  or  recovering  crashed 
client  machines.  Based  on  tech¬ 
nology  CA  acquired  with  Mira¬ 
mar  Systems  in  March  2003,  Desk¬ 
top  DNA  captures  the  software 
running  on  an  end-user  machine, 
including  software  versions,  ap¬ 
plications  and  personal  favorites, 
and  automates  moving  that  infor¬ 
mation  to  new  machines. 

According  to  Harry  Butler,  sup¬ 
port  center  manager  for  electron¬ 
ics  supplier  EFW  in  Fort  Worth, 
Texas,  Desktop  DNA  shaves  hours 
off  the  time  it  takes  his  staff  to 
upgrade  1,800  client  machines. 

“If  a  person’s  desktop  crashed, 
we  used  to  very  quickly  roll  out  a 
standard  off-the-shelf  box  for 
them,”  he  says.“Following  that,  our 
support  people  would  spend 
hours  helping  the  end  user  get  all 
the  little  customizations  he  or  she 
put  on  the  machine  back.” 

A  Desktop  DNA  user  before  the 
acquisition,  Butler  says  CA  added 
improved  scripting  capabilities, 
which  lets  him  include  home¬ 
grown  and  legacy  applications  in 
the  automated  migration  and 
upgrade  processes.  He  says 
another  new  feature  lets  cus- 
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Outsourcing 

options 

A  recent  Forrester  sur¬ 
vey  of  146  companies 
with  more  than  1,000 
employees  found  that 
33%  of  organizations 
outsourced  their  desk¬ 
top  management;  52% 
of  those  outsourced  to 
a  large  IT  services  firm, 
and  12%  outsourced  to 
their  PC  hardware 
manufacturer. 


tomers  schedule  when  and  how 
to  capture  data  from  client  mach¬ 
ines  —  during  off  hours  or  at  a 
staggered  rate  that  won’t  stress 
the  network  or  slow  traffic.  With 
this  feature,  he  can  tell  the  soft¬ 
ware  to  run  a  job  and  store  the 
data  until  he  decides  to  upgrade 
or  needs  to  rebuild  a  machine.“It 
keeps  data  very  current  for  disas¬ 
ter-recovery  purposes,”  he  says. 

Desktop  DNA  can  work  on 
a  stand-alone  basis,  with  CA 
software  or  other  third-party  man¬ 
agement  applications.  Desktop 
DNA  runs  on  a  Windows  server 
and  can  connect  to  client  mach¬ 
ines  via  a  network,  with  a  logon 
script  or  by  using  third-party  appli¬ 
cations.  The  CA  package  com¬ 
petes  with  similar  offerings  from 
vendors,  such  as  LANDesk,  Nova- 
digm  and  Marimba. 

Pricing  for  Desktop  DNA  starts 
at  $22  per  node  for  100  nodes.  ■ 
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■  BY  ANN  BEDNARZ 

Conventional  wisdom  holds 
that  it’s  not  what  you  know,  but 
who  you  know  that  matters.  In 
the  world  of  identity  resolution 
software,  that  adage  is  particu¬ 
larly  relevant. 

Identity  resolution  software 
finds  relationships  between  indi¬ 
viduals  —  demonstrating  ob¬ 
scure  links  between  people  who 
could  be  in  cahoots,  or  discover¬ 
ing  that  two  or  more  individuals 
thought  to  be  separate  people  are 
in  fact  the  same  person.  It’s  a  mar¬ 
ket  that’s  gotten  a  lot  of  attention 
since  the  Sept.  1 1  terrorist  attacks. 

Most  recently,  IBM  made  its 
interest  clear  in  the  technology  by 
acquiring  SRD  for  an  undisclosed 
amount. 

SRD  developed  analytics  soft¬ 
ware  that  specializes  in  gleaning 
information  about  individuals’ 
identities  and  discovering  ob¬ 
scure  associations  —  such  as  if 
someone  is  bouncing  checks  at 
five  banks  using  five  different 
names  or  identities. 

The  software  can  sift  through 
and  identify  multiple  records  that 
might  appear  to  describe  differ¬ 
ent  people,  but  in  reality  are  relat¬ 
ed  to  one  person.  The  software 
also  detects  suspicious  relation¬ 
ships  —  such  as  a  hazardous 
material  licensee  sharing  an 
address  with  a  suspected 
terrorist. 

“We’re  talking  about  discover¬ 
ing  the  [Drug  Enforcement  Agen¬ 
cy]  agent’s  college  roommate’s 
ex-wife’s  current  husband  is  the 
drug  lord  kind  of  connection,” 
says  Jeff  Jonas,  SRD’s  founder  and 
now  an  IBM  employee. 

SRD  originally  built  its  software 
in  the  late  1980s  to  help  credit 
and  collections  agencies  figure 
out  how  to  find  bill  evaders. 
“There  was  a  problem  with  peo¬ 
ple  who  would  go  to  a  hospital 
and  intentionally  use  their  middle 
name,  or  change  one  or  two  digits 
of  their  Social  Security  number  to 
avoid  being  billed,”  Jonas  says. 

In  response,  SRD’s  software  was 
designed  to  work  through  unin¬ 
tentional  data  discrepancies,  as 
well  as  efforts  to  intentionally 
obfuscate  identities,  Jonas  says. 
The  technology  later  found  a 
place  in  the  casino  gaming  indus¬ 
try,  which  is  obligated  to  make 
sure  certain  criminals  aren’t 
employed  by,  or  doing  business 


with,  casinos. 

Today,  businesses  can  use  the 
technology  to  get  an  accurate 
view  of  individuals  and  relation¬ 
ships  in  real  time,  seeing  associa¬ 
tions  that  previously  were  nearly 
impossible  to  discover,  IBM  says. 

Companies  could  use  it  to  ag¬ 
gregate  customer  information 
scattered  among  multiple  sys¬ 
tems,  reconciling  slight  variations 
in  a  name  or  address  —  4737 
Simeron  Drive  vs.  4737  Cimarron 
Drive,  for  example  —  along  the 
way,  to  create  a  single  view  of  a 


customer.  The  information  might 
come  in  handy  during  a  back¬ 
ground  check  of  a  job  applicant 
or  when  a  high-valued  customer 
makes  a  purchase,  for  example. 

With  its  acquisition  of  SRD 
complete,  Big  Blue  now  offers 
two  software  products  based  on 
SRD  technology,  with  a  third  on 
the  way: 

•  DB2  Identity  Resolution: 
Unifies  disparate  information  to 
pull  together  a  complete  picture 
of  all  that  is  known  about  an 
individual. 

•  DB2  Relationship  Resolution: 
Detects  obvious  and  non-obvious 
relationships  from  myriad  data 
sources. 

•  DB2  Anonymous  Resolution: 
Detects  individuals’  relationships 
while  protecting  certain  personal 
information.  It  is  in  beta  testing 
and  will  be  available  in  the  sec¬ 


ond  half  of  this  year. 

Pricing  for  the  available  prod¬ 
ucts  starts  at  $155,000  per  CPU, 
plus  $100,000  per  1  million  data 
source  records. 

SRD’s  software  can  run  on  IBM 
and  non-IBM  data  platforms,  in¬ 
cluding  Oracle  and  Microsoft 
databases.  The  software  operates 
in  real  time,  correcting  informa¬ 
tion  about  a  person  as  new  infor¬ 
mation  becomes  available. 

“A  company  might  get  two 
records  in  and  not  be  able  to  tell 
with  certainty  that  they  are  relat¬ 


ed  to  the  same  person.  Weeks 
later,  another  record  might  pro¬ 
vide  new  information,  making  it 
clear  that  all  three  of  the  records 
are  the  same  person,”  Jonas  says. 
“Entity  resolution  grows  this 
understanding.  We  accumulate 
context  about  identities.” 

IBM  plans  to  integrate  SRD’s  op¬ 
erations  into  its  information  man¬ 
agement  software  group.  SRD  is 
the  20th  company  IBM’s  software 
division  has  acquired  since  2001, 
and  the  seventh  for  its  DB2  infor¬ 
mation  management  division. 

SRD’s  competition  included 
Language  Analysis  Systems,  which 
specializes  in  multicultural  name 
recognition.  Its  LAS  NameHunter 
software  helps  government  agen¬ 
cies  search  and  recognize  foreign 
names,  screen  potential  terrorists 
and  perform  background  checks, 
for  example.  ■ 


■  Network  World,  118  Turnpike  Road, 


Linking  individuals 


IBM’s  DB2  Relationship  Resolution  software  seeks  hidden 
relationships  between  parties. 


IBM  DB2  Relationship  Resolution  software 


Internal  incident  systems  and  watch  lists 


O  IBM’s  entity  resolution  ©  Ike  software  converts  the  ©  The  software  sends  alerts 
software  aggregates  data  data  to  a  standard  XML  as  it  finds  suspicious  or 
format  and  runs  a  series 
of  cleansing  and 
standardization  processes. 


from  multiple  internal  and 
external  sources,  including 
relational  databases,  files 
and  application  data. 


significant  relationships 
between  entities. 


A  dozen  for  the  new  year 


“ Making  resolutions  is  a  cleansing 
ritual  of  self-assessment  and  repen¬ 
tance  that  demands  personal  hon¬ 
esty  and,  ultimately,  reinforces  humili¬ 
ty.  Breaking  them  is  part  of  the  cycle." 
—  Eric  Zom,  Chicago  Tribune 

In  all  of  the  excitement  over 
Network  World’s  crystal  ball  issue,  it  seems  we’ve 
missed  one  of  those  rituals  that  is  required  when 
Jan.  1  rushes  up  to  remind  us  that  we’re  a  year 
older  and  deeper  in  debt.  That  ritual  is  the  making 
of  resolutions. 

Resolutions  are  interesting  things  because  the 
coming  of  a  new  year  always  seems  to  require 
action,  renewal  and  a  cleaning  of  cupboards.  But 
seeing  as  how  we’re  all  business  here,  personal  res¬ 
olutions  are  not  of  interest. 

What  we  want  to  address  are  the  things  in  the  IT 
world  that  will  make  us  more  successful,  happier 
and  less  stressed. 

So,  here  are  my  top  12  suggestions  for  resolutions 
that  IT  folks  might  want  to  take  to  heart: 

1. 1  will  read  Network  World  every  week  starting  at 
the  back  page,  then  skip  to  Gearhead,  and  then 
read  the  entire  paper  from  front  to  back  or  any 
order  I  prefer,  but  I  will  read  it  I  swear. 

2. 1  will  work  no  more  than  50  hours  each  week, 


which  will  include  the  time  I  spend  logged  on  from 
home  or  talking  on  the  phone  to  idiot  executives 
who  are  too  brain  damaged  by  travel  to  remember 
how  to  switch  on  their  laptops.  They  don’t  pay  me 
enough  for  the  hours  I  give  them,  and  it’s  not  like 
I’m  not  expendable  for  heaven’s  sake!  I  will  remem¬ 
ber  that  at  the  first  sign  of  a  downturn  in  our  mar¬ 
ket  the  IT  offices  will  look  like  we’re  having  a  ticker 
tape  parade  with  pink  paper. 

3. 1  will  try  to  appreciate  the  requests  for  automat¬ 
ing  the  business  processes  that  the  various  depart¬ 
mental  managers  ask  us  to  take  on  as  projects  and 
try  not  to  giggle  when  I  tell  them  that  we  get  about 
100  such  requests  every  year,  and  have  the  budget 
to  do  one  of  them.  I  will  not  try  to  surreptitiously 
take  a  picture  with  my  cell  phone  camera  of  the 
look  on  their  faces  when  they  get  the  news. 

4. 1  will  not  put  any  content  management  sys¬ 
tem,  CRM  system  or  salesforce  automation  soft¬ 
ware  from  any  manufacturer  into  production 
unless  the  vendor  is  willing  to  let  me  hold  its 
salesman  hostage.  Should  it  not  work  out,  1 
resolve  that  the  vendor  has  to  take  responsibility 
for  the  body. 

5. 1  will  start  a  user  training  program.  I  will  not  let 
our  company  have  users  whose  level  of  computer 
literacy  is  below  that  of  first  graders. 

6. 1  will  stop  drinking  so  much  caffeine,  eating  so 


much  sugar  and  indulging  in  lunches  that  derive 
more  than  75%  of  their  calories  from  fat  —  except 
for  those  great  burritos  from  the  restaurant  around 
the  corner. 

7. 1  will  stop  working  when  1  eat  lunch.  I  will  read 
calming,  soothing  books  instead  of  browsing  the 
Web  over  lunchtime.  I  will  remove  those  bits  of 
pizza  that  have  been  stuck  between  the  keys  of  my 
keyboard  since  last  June. 

8. 1  will  switch  on  the  Web  filters  for  the  IT  group. 
They  won’t  like  it  but  it  is  the  responsible  and  adult 
thing  to  do.  I  will  do  it  by  June.  Or  maybe  August. 

9. 1  will  stop  complaining  about  Microsoft  secur¬ 
ity  problems.  Really  I  will. 

10. 1  will  stop  railing  about  how  lousy  and  con¬ 
trived  HTML  mail  is  and  accept  that  it  is  the  way  of 
the  future.  I  will  create  a  mail  filter  that  randomly 
corrupts  HTML  tags  in  messages  and  see  if  that  gets 
some  action. 

11. 1  will  accept  that  the  IT  budget  is  what  it  is 
and  do  the  best  1  can  with  what  I  have.  I  will  come 
up  with  a  really  good  explanation  that  the  CEO  will 
understand  as  to  why  the  lack  of  budget  wiped  his 
e-mail  system  away 

12. 1  will  write  to  Mark  Gibbs  at  least  once  every 
month. 

So  write  already!  I'm  at  backspin@gibbs.com. 
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By  Paul  McNamara 

The  dreaded  false  positive 

The  anti-spam  vendor  was  truly  posi¬ 
tive  that  we  must  have  gotten  some¬ 
thing  wrong  in  assessing  the  rate  of  false  positives  generated  by  its  product  in 
the  most  recent  Network  World"  Spam  in  the  Wild”  test. 

If  you  missed  that  test  report  amid  the  holiday  hubbub  and  no  longer  have  the 
Dec.  20  issue  hanging  about,  I  strongly  recommend  you  give  it  a  read  at 
www.nwfusion.com,  DocFinder  5128.  Network  World  Lab  Alliance  member  Joel 
Snyder,  a  senior  partner  at  Opus  One,  conducted  the  test  —  and  fielded  the 
inevitable  complaints. 

‘‘Of  course,  many  of  the  vendors  who  had  poor  false-positive  rates  in  the 
anti-spam  piece  insist  that  this  is  impossible  and  that  they  never  lose  mail,” 
says  Snyder,  who  offers  as  evidence  the  following  exchange  of  e-mail  with  the 
absolutely  positive  party  above  (left  nameless  here  out  of  a  combination  of 
compassion  and  our  inability  to  be  absolutely  positive  that  the  vendor’s  prod¬ 
uct,  as  opposed  to  some  other  glitch,  caused  the  ensuing  problem). 

“One,  in  particular,  wanted  the  log  files  off  the  test  server  so  that  they 
could  analyze  what  on  Earth  might  have  happened,"  Snyder  says.  "So,  I  sent 
the  log  files.  But  they  reported  not  receiving  them!  So,  I  sent  the  e-mail  log 
showing  that  they  received  them,  the  date,  time,  message  ID  and  IP  address 
of  their  mail  server,  and  then  they  say  ‘please,  please,  we  can't  find  it,  please 
send  it  again.”’ 

"So,  I  sent  it  again.  And  they  still  said  they  didn’t  get  it.  So,  I  sent  another 
e-mail  log  showing  how  the  message  was  sent  yesterday  to  two  people  at  the 
company  and  received  by  their  mail  server,  with  all  the  relevant  details. ...  I’m 
wondering  just  how  long  it  will  take  before  they're  too  embarrassed  about  their 
own  false-positive  rate  to  keep  asking  for  the  log  files.” 

Personally,  I’ve  grown  tired  of  rolling  my  eyes  at  anti-spam  vendors  that  say 


their  products  absolutely,  positively  never  spit  legit  e-mail  into  the  spam 
bucket.  But  the  good  news,  according  to  Snyder,  is  that  the  better  vendors  are 
coming  much  closer  to  delivering  on  that  promise:  In  our  September  2003 
test,  even  the  top  scorers  misplaced  up  to  3%  of  legitimate  e-mail;  this  time 
there  was  "significant  improvement,  like  a  factor  of  three." 

Please,  sir,  send  me  a  bill 

You  may  have  read  recently  that  The  New  York  Times  is  considering  charg¬ 
ing  a  fee  for  what  is  now  free  access  to  the  newspaper's  Web  site,  which  by 
any  measure  has  to  rate  among  the  greatest  bargains  available  on  the  Internet. 

You  may  or  may  not  share  my  belief  that  this  is  a  positive  and  long-past-due 
development. 

Among  major  daily  newspapers,  only  The  Wall  Street  Journal  has  managed 
to  wean  its  online  audience  off  the  free  gravy  train.  Skeptics  continue  to 
insist  —  and  public  opinion  surveys  continue  to  bolster  the  belief  — -  that  the 
masses  are  unwilling  to  pay  for  news  online  as  long  as  so  much  of  it  is  avail¬ 
able  for  free. 

The  Times  has  yet  to  break  through  that  conventional  wisdom,  but  publisher 
Arthur  Sulzberger  Jr.  was  quoted  in  a  Business  Week  article  as  saying;  "!t 
gets  to  the  issue  of  how  comfortable  are  we  training  a  generation  of  readers  to 
get  quality  information  forfree.That  is  troubling.” 

Yes,  it's  troubling,  but  Sulzberger  is  wrong  on  at  least  one  score:  A  genera¬ 
tion  of  online  readers  has  already  been  trained  to  expect  even  the  best  content 
for  free. 

The  trick  will  be  untraining  them  . . .  and  I  can  think  of  no  better  way  to  move 
that  process  forward  than  having  the  nation’s  preeminent  newspaper  charge 
online  readers  a  reasonable  subscription  fee. 

Speaking  your  mind  about  this  column  remains  free.  The  address  is  buzz @ 
nww.com. 
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The  Journey  of  the  Leader  in  Layer  4--V  Load  Balancing  Switches 

Performance.  Intelligence.  Security.  Price. 


Scrverlron— ,when  it  conics  to  Layer  4—7  load  balancing,  there  is  no  snnnnit! 
Just'  a  continuous  journey,  Ptjyijdrvs  Scrvt*Hron  switclrcs  continue  to  be  the  traiiblazer 
tor  server  scalability  w  ith  one  accomplishmewt  .liter  amain  a .  Sei  \  erl i on  switches  protect 
sen  ers  agaimr  dcnial-of  service  attacks,  improve server  scalabiJifv, and  vastly  enhance  server 
tv  1 1  a  1st  I  it  \ Server  I  rot  i  'makes  it  easy  to  manage  ail  your  networked  applications  and  improve 
user  lVvpoiiive  time  while  eliminating  appheat  ion  downtime,  It's  the  industry  leader  in 
performance:,  intelligence:,  security,  and  price.  So  it's  no  coincidence  that  Serverlmii  is  the 
product  pi  choice  for  the  w  orld's  largest  and  rnOst  demanding  customers.  Visit  uS  today'at 
v\  \\  \\  ton  i  ui  i  \  i  K'  l  works.,  om  s; .  (  h  ea  1 1  i.SSS,.  lURBOl  AN  (  I  .SSS.SS7.2fo2).. 
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The  Power  of  Performance 


Spam  and  virus  protection  at  an  affordable  price. 

/ 

•  No  per  user  license  fees  _  .  .  I 

•  Prices  starting  at  $1399  '  J  MPrel 

•  Powerful,  enterprise-class  solution 


Barracuda  Spam  Firewall 


Aggressive  Reseiier  Program 

POWERFUL  EASY  TO  USE  AFFORDABLE  Get  more  info  by  visiting  www.barracudanetworks.com/RSA 

or  by  calling  1  -888-ANTi-SPAM  or  408-342-5400 


